def test_unit__get_receiver_ids_workspace_members_event__nominal_case(
self,
session,
workspace_and_users,
admin_user,
user_api_factory,
workspace_api_factory,
role_api_factory,
):
(my_workspace, same_workspace_user, role, other_user, event_initiator) = workspace_and_users
workspace_api = workspace_api_factory.get()
workspace_in_context = workspace_api.get_workspace_with_context(my_workspace)
rapi = role_api_factory.get()
user_api = user_api_factory.get()
role_in_context = rapi.get_user_role_workspace_with_context(role)
fields = {
Event.AUTHOR_FIELD: UserSchema()
.dump(user_api.get_user_with_context(event_initiator))
.data,
Event.USER_FIELD: UserSchema()
.dump(user_api.get_user_with_context(event_initiator))
.data,
Event.CLIENT_TOKEN_FIELD: "test",
Event.WORKSPACE_FIELD: WorkspaceSchema().dump(workspace_in_context).data,
Event.MEMBER_FIELD: WorkspaceMemberDigestSchema().dump(role_in_context).data,
}
event = Event(
entity_type=EntityType.WORKSPACE_MEMBER, operation=OperationType.MODIFIED, fields=fields
)
receivers_ids = FakeLiveMessageBuilder()._get_receiver_ids(event, session)
assert event_initiator.user_id in receivers_ids
assert same_workspace_user.user_id in receivers_ids
assert other_user.user_id not in receivers_ids
assert admin_user.user_id in receivers_ids
def test_unit__get_receiver_ids_workspace_event__accessible_workspace(
self,
session,
accessible_workspace_and_users,
admin_user,
user_api_factory,
workspace_api_factory,
):
(
my_workspace,
same_workspace_user,
_,
other_user,
event_initiator,
) = accessible_workspace_and_users
workspace_api = workspace_api_factory.get()
workspace_in_context = workspace_api.get_workspace_with_context(my_workspace)
user_api = user_api_factory.get()
fields = {
Event.AUTHOR_FIELD: UserSchema()
.dump(user_api.get_user_with_context(event_initiator))
.data,
Event.CLIENT_TOKEN_FIELD: "test",
Event.WORKSPACE_FIELD: WorkspaceSchema().dump(workspace_in_context).data,
}
event = Event(
entity_type=EntityType.WORKSPACE, operation=OperationType.MODIFIED, fields=fields
)
receivers_ids = FakeLiveMessageBuilder()._get_receiver_ids(event, session)
assert event_initiator.user_id in receivers_ids
assert same_workspace_user.user_id in receivers_ids
assert other_user.user_id in receivers_ids
assert admin_user.user_id in receivers_ids
def test_unit__get_receiver_ids_content_event__nominal_case(
self,
session,
user_api_factory,
content_type_list,
content_api_factory,
admin_user,
workspace_api_factory,
role_api_factory,
workspace_and_users,
):
(my_workspace, same_workspace_user, role, other_user,
event_initiator) = workspace_and_users
workspace_api = workspace_api_factory.get()
user_api = user_api_factory.get()
workspace_in_context = workspace_api.get_workspace_with_context(
my_workspace)
content_api = content_api_factory.get(current_user=event_initiator)
folder = content_api.create(
label="test_folder",
content_type_slug=content_type_list.Folder.slug,
workspace=my_workspace,
do_save=True,
do_notify=False,
)
transaction.commit()
content_in_context = content_api.get_content_in_context(folder)
fields = {
Event.AUTHOR_FIELD:
UserSchema().dump(
user_api.get_user_with_context(event_initiator)).data,
Event.CONTENT_FIELD:
ContentSchema().dump(content_in_context).data,
Event.CLIENT_TOKEN_FIELD:
"test",
Event.WORKSPACE_FIELD:
WorkspaceSchema().dump(workspace_in_context).data,
}
event = Event(entity_type=EntityType.CONTENT,
operation=OperationType.MODIFIED,
fields=fields)
receivers_ids = FakeLiveMessageBuilder()._get_receiver_ids(
event, session)
assert event_initiator.user_id in receivers_ids
assert same_workspace_user.user_id in receivers_ids
assert other_user.user_id not in receivers_ids
assert admin_user.user_id not in receivers_ids
class EventApi:
"""Api to query event & messages"""
user_schema = UserSchema()
workspace_schema = WorkspaceSchema()
content_schemas = {
COMMENT_TYPE: CommentSchema(),
HTML_DOCUMENTS_TYPE: TextBasedContentSchema(),
FILE_TYPE: FileContentSchema(),
FOLDER_TYPE: TextBasedContentSchema(),
THREAD_TYPE: TextBasedContentSchema(),
}
event_schema = EventSchema()
workspace_user_role_schema = WorkspaceMemberDigestSchema()
workspace_subscription_schema = WorkspaceSubscriptionSchema()
def __init__(self, current_user: Optional[User], session: TracimSession,
config: CFG) -> None:
self._current_user = current_user
self._session = session
self._config = config
def _filter_event_types(self, query: Query, event_types: Optional[
List[EventTypeDatabaseParameters]], exclude: bool) -> Query:
if event_types:
event_type_filters = []
for event_type in event_types:
if event_type.subtype:
event_type_filter = and_(
Event.entity_type == event_type.entity,
Event.operation == event_type.operation,
Event.entity_subtype == event_type.subtype,
)
else:
event_type_filter = and_(
Event.entity_type == event_type.entity,
Event.operation == event_type.operation,
)
event_type_filters.append(event_type_filter)
if len(event_type_filters) > 1:
f = or_(*event_type_filters)
else:
f = event_type_filters[0]
if exclude:
f = not_(f)
return query.filter(f)
return query
def _base_query(
self,
read_status: ReadStatus = ReadStatus.ALL,
event_id: Optional[int] = None,
user_id: Optional[int] = None,
include_event_types: List[EventTypeDatabaseParameters] = None,
exclude_event_types: List[EventTypeDatabaseParameters] = None,
exclude_author_ids: Optional[List[int]] = None,
after_event_id: int = 0,
) -> Query:
query = self._session.query(Message).join(Event)
if event_id:
query = query.filter(Message.event_id == event_id)
if user_id:
query = query.filter(Message.receiver_id == user_id)
if read_status == ReadStatus.READ:
query = query.filter(Message.read != null())
elif read_status == ReadStatus.UNREAD:
query = query.filter(Message.read == null())
else:
# ALL doesn't need any filtering and is the only other handled case
assert read_status == ReadStatus.ALL
query = self._filter_event_types(query, include_event_types, False)
query = self._filter_event_types(query, exclude_event_types, True)
if exclude_event_types:
event_type_filters = []
for event_type in exclude_event_types:
if event_type.subtype:
event_type_filter = or_(
Event.entity_type != event_type.entity,
Event.operation != event_type.operation,
Event.entity_subtype != event_type.subtype,
)
else:
event_type_filter = or_(
Event.entity_type != event_type.entity,
Event.operation != event_type.operation,
)
event_type_filters.append(event_type_filter)
if len(event_type_filters) > 1:
query = query.filter(and_(*event_type_filters))
else:
query = query.filter(event_type_filters[0])
if exclude_author_ids:
for author_id in exclude_author_ids:
# RJ & SG - 2020-09-11 - HACK
# We wanted to use Event.fields["author"] == JSON.NULL instead of this
# soup involving a cast and a get out of my way text("'null'") to
# know whether a JSON field is null. However, this does not work on
# PostgreSQL. See https://github.com/sqlalchemy/sqlalchemy/issues/5575
query = query.filter(
or_(
cast(Event.fields["author"], String) == text("'null'"),
Event.fields["author"]["user_id"].as_integer() !=
author_id,
))
if after_event_id:
query = query.filter(Message.event_id > after_event_id)
return query
def get_one_message(self, event_id: int, user_id: int) -> Message:
try:
return self._base_query(event_id=event_id, user_id=user_id).one()
except NoResultFound as exc:
raise MessageDoesNotExist(
'Message for user {} with event id "{}" not found in database'.
format(user_id, event_id)) from exc
def mark_user_message_as_read(self, event_id: int,
user_id: int) -> Message:
message = self.get_one_message(event_id, user_id)
message.read = datetime.utcnow()
self._session.add(message)
self._session.flush()
return message
def mark_user_message_as_unread(self, event_id: int,
user_id: int) -> Message:
message = self.get_one_message(event_id, user_id)
message.read = None
self._session.add(message)
self._session.flush()
return message
def mark_user_messages_as_read(self, user_id: int) -> List[Message]:
unread_messages = self._base_query(read_status=ReadStatus.UNREAD,
user_id=user_id).all()
for message in unread_messages:
message.read = datetime.utcnow()
self._session.add(message)
self._session.flush()
return unread_messages
def get_messages_for_user(self,
user_id: int,
after_event_id: int = 0) -> List[Message]:
query = self._base_query(
user_id=user_id,
after_event_id=after_event_id,
)
return query.all()
def get_paginated_messages_for_user(
self,
user_id: int,
read_status: ReadStatus,
exclude_author_ids: List[int] = None,
include_event_types: List[EventTypeDatabaseParameters] = None,
exclude_event_types: List[EventTypeDatabaseParameters] = None,
count: Optional[int] = DEFAULT_NB_ITEM_PAGINATION,
page_token: Optional[int] = None,
) -> Page:
query = self._base_query(
user_id=user_id,
read_status=read_status,
include_event_types=include_event_types,
exclude_event_types=exclude_event_types,
exclude_author_ids=exclude_author_ids,
).order_by(Message.event_id.desc())
return get_page(query, per_page=count, page=page_token or False)
def get_messages_count(
self,
user_id: int,
read_status: ReadStatus,
include_event_types: List[EventTypeDatabaseParameters] = None,
exclude_event_types: List[EventTypeDatabaseParameters] = None,
exclude_author_ids: List[int] = None,
) -> int:
return self._base_query(
user_id=user_id,
include_event_types=include_event_types,
exclude_event_types=exclude_event_types,
read_status=read_status,
exclude_author_ids=exclude_author_ids,
).count()
def create_event(
self,
entity_type: EntityType,
operation: OperationType,
additional_fields: Dict[str, JsonDict],
context: TracimContext,
entity_subtype: Optional[str] = None,
) -> Event:
current_user = context.safe_current_user()
user_api = UserApi(
current_user=current_user,
session=context.dbsession,
config=self._config,
show_deleted=True,
)
if current_user:
author = self.user_schema.dump(
user_api.get_user_with_context(current_user)).data
else:
author = None
fields = {
Event.AUTHOR_FIELD: author,
Event.CLIENT_TOKEN_FIELD: context.client_token,
}
fields.update(additional_fields)
event = Event(
entity_type=entity_type,
operation=operation,
entity_subtype=entity_subtype,
fields=fields,
)
context.dbsession.add(event)
context.pending_events.append(event)
return event
@classmethod
def get_content_schema_for_type(cls, content_type: str) -> ContentSchema:
try:
return cls.content_schemas[content_type]
except KeyError:
logger.error(
cls,
("Cannot dump proper content for content-type '{}' in generated event "
"as it is unknown, falling back to generic content schema"
).format(content_type),
)
return ContentSchema()
class WorkspaceController(Controller):
@hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_ENDPOINTS])
@require_profile_and_workspace_role(
minimal_profile=Group.TIM_USER,
minimal_required_role=UserRoleInWorkspace.READER,
allow_superadmin=True)
@hapic.input_path(WorkspaceIdPathSchema())
@hapic.output_body(WorkspaceSchema())
def workspace(self, context, request: TracimRequest, hapic_data=None):
"""
Get workspace informations
"""
app_config = request.registry.settings['CFG']
wapi = WorkspaceApi(
current_user=request.current_user, # User
session=request.dbsession,
config=app_config,
)
return wapi.get_workspace_with_context(request.current_workspace)
@hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_ENDPOINTS])
@require_profile(Group.TIM_ADMIN)
@hapic.output_body(
WorkspaceSchema(many=True), )
def workspaces(self, context, request: TracimRequest, hapic_data=None):
"""
Returns the list of all workspaces. This route is for admin only.
Standard users must use their own route: /api/v2/users/me/workspaces
"""
app_config = request.registry.settings['CFG']
wapi = WorkspaceApi(
current_user=request.current_user, # User
session=request.dbsession,
config=app_config,
)
workspaces = wapi.get_all()
return [
wapi.get_workspace_with_context(workspace)
for workspace in workspaces
]
@hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_ENDPOINTS])
@hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
@require_profile_and_workspace_role(
minimal_profile=Group.TIM_USER,
minimal_required_role=UserRoleInWorkspace.WORKSPACE_MANAGER,
allow_superadmin=True)
@hapic.input_path(WorkspaceIdPathSchema())
@hapic.input_body(WorkspaceModifySchema())
@hapic.output_body(WorkspaceSchema())
def update_workspace(self,
context,
request: TracimRequest,
hapic_data=None): # nopep8
"""
Update a workspace. This route is for trusted users and administrators.
Note : a trusted user can only update spaces on which he/she is space manager
"""
app_config = request.registry.settings['CFG']
wapi = WorkspaceApi(
current_user=request.current_user, # User
session=request.dbsession,
config=app_config,
)
wapi.update_workspace(
request.current_workspace,
label=hapic_data.body.label,
description=hapic_data.body.description,
save_now=True,
)
return wapi.get_workspace_with_context(request.current_workspace)
@hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_ENDPOINTS])
@hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(WorkspaceLabelAlreadyUsed, HTTPStatus.BAD_REQUEST)
@require_profile(Group.TIM_MANAGER)
@hapic.input_body(WorkspaceCreationSchema())
@hapic.output_body(WorkspaceSchema())
def create_workspace(self,
context,
request: TracimRequest,
hapic_data=None): # nopep8
"""
Create a workspace. This route is for trusted users and administrators.
"""
app_config = request.registry.settings['CFG']
wapi = WorkspaceApi(
current_user=request.current_user, # User
session=request.dbsession,
config=app_config,
)
workspace = wapi.create_workspace(
label=hapic_data.body.label,
description=hapic_data.body.description,
save_now=True,
)
return wapi.get_workspace_with_context(workspace)
@hapic.with_api_doc(
tags=[SWAGGER_TAG__WORKSPACE_TRASH_AND_RESTORE_ENDPOINTS])
@hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
@require_profile_and_workspace_role(
minimal_profile=Group.TIM_MANAGER,
minimal_required_role=UserRoleInWorkspace.WORKSPACE_MANAGER,
allow_superadmin=True)
@hapic.input_path(WorkspaceIdPathSchema())
@hapic.output_body(NoContentSchema(),
default_http_code=HTTPStatus.NO_CONTENT) # nopep8
def delete_workspace(self,
context,
request: TracimRequest,
hapic_data=None): # nopep8
"""
Delete a workspace. This route is for trusted users and administrators.
Note : a trusted user can only delete spaces on which he/she is space manager
"""
app_config = request.registry.settings['CFG']
wapi = WorkspaceApi(
current_user=request.current_user, # User
session=request.dbsession,
config=app_config,
)
wapi.delete(request.current_workspace, flush=True)
return
@hapic.with_api_doc(
tags=[SWAGGER_TAG__WORKSPACE_TRASH_AND_RESTORE_ENDPOINTS])
@hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
@require_profile_and_workspace_role(
minimal_profile=Group.TIM_MANAGER,
minimal_required_role=UserRoleInWorkspace.WORKSPACE_MANAGER,
allow_superadmin=True)
@hapic.input_path(WorkspaceIdPathSchema())
@hapic.output_body(NoContentSchema(),
default_http_code=HTTPStatus.NO_CONTENT) # nopep8
def undelete_workspace(self,
context,
request: TracimRequest,
hapic_data=None): # nopep8
"""
Restore a deleted space.
Note : a trusted user can only restore spaces on which he/she is space manager
"""
app_config = request.registry.settings['CFG']
wapi = WorkspaceApi(
current_user=request.current_user, # User
session=request.dbsession,
config=app_config,
show_deleted=True,
)
wapi.undelete(request.current_workspace, flush=True)
return
@hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_MEMBERS_ENDPOINTS])
@require_profile_and_workspace_role(
minimal_profile=Group.TIM_USER,
minimal_required_role=UserRoleInWorkspace.READER,
allow_superadmin=True)
@hapic.input_path(WorkspaceIdPathSchema())
@hapic.output_body(WorkspaceMemberSchema(many=True))
def workspaces_members(
self,
context,
request: TracimRequest,
hapic_data=None) -> typing.List[UserRoleWorkspaceInContext]:
"""
Returns the list of space members with their role, avatar, etc.
"""
app_config = request.registry.settings['CFG']
rapi = RoleApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config,
)
roles = rapi.get_all_for_workspace(request.current_workspace)
return [
rapi.get_user_role_workspace_with_context(user_role)
for user_role in roles
]
@hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_MEMBERS_ENDPOINTS])
@require_profile_and_workspace_role(
minimal_profile=Group.TIM_USER,
minimal_required_role=UserRoleInWorkspace.READER,
allow_superadmin=True)
@hapic.input_path(WorkspaceAndUserIdPathSchema())
@hapic.output_body(WorkspaceMemberSchema())
def workspaces_member_role(self,
context,
request: TracimRequest,
hapic_data=None) -> UserRoleWorkspaceInContext:
"""
Returns given space member with its role, avatar, etc.
"""
app_config = request.registry.settings['CFG']
rapi = RoleApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config,
)
role = rapi.get_one(
user_id=hapic_data.path.user_id,
workspace_id=hapic_data.path.workspace_id,
)
return rapi.get_user_role_workspace_with_context(role)
@hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_MEMBERS_ENDPOINTS])
@hapic.handle_exception(UserRoleNotFound, HTTPStatus.BAD_REQUEST)
@require_profile_and_workspace_role(
minimal_profile=Group.TIM_USER,
minimal_required_role=UserRoleInWorkspace.WORKSPACE_MANAGER,
allow_superadmin=True)
@hapic.input_path(WorkspaceAndUserIdPathSchema())
@hapic.input_body(RoleUpdateSchema())
@hapic.output_body(WorkspaceMemberSchema())
def update_workspaces_members_role(
self,
context,
request: TracimRequest,
hapic_data=None) -> UserRoleWorkspaceInContext:
"""
Update role of the given space member.
This feature is for workspace managers, trusted users and administrators.
"""
app_config = request.registry.settings['CFG']
rapi = RoleApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config,
)
role = rapi.get_one(
user_id=hapic_data.path.user_id,
workspace_id=hapic_data.path.workspace_id,
)
workspace_role = WorkspaceRoles.get_role_from_slug(
hapic_data.body.role)
role = rapi.update_role(role, role_level=workspace_role.level)
return rapi.get_user_role_workspace_with_context(role)
@hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_MEMBERS_ENDPOINTS])
@require_profile_and_workspace_role(
minimal_profile=Group.TIM_USER,
minimal_required_role=UserRoleInWorkspace.WORKSPACE_MANAGER,
allow_superadmin=True)
@hapic.handle_exception(UserRoleNotFound, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(UserCantRemoveHisOwnRoleInWorkspace,
HTTPStatus.BAD_REQUEST) # nopep8
@hapic.input_path(WorkspaceAndUserIdPathSchema())
@hapic.output_body(NoContentSchema(),
default_http_code=HTTPStatus.NO_CONTENT) # nopep8
def delete_workspaces_members_role(self,
context,
request: TracimRequest,
hapic_data=None) -> None:
"""
Remove the user from the space.
This feature is for workspace managers and administrators.
"""
app_config = request.registry.settings['CFG']
rapi = RoleApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config,
)
rapi.delete_one(
user_id=hapic_data.path.user_id,
workspace_id=hapic_data.path.workspace_id,
)
return
@hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_MEMBERS_ENDPOINTS])
@hapic.handle_exception(EmailValidationFailed, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(UserDoesNotExist, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(UserIsNotActive, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(UserIsDeleted, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(RoleAlreadyExistError, HTTPStatus.BAD_REQUEST)
@require_profile_and_workspace_role(
minimal_profile=Group.TIM_USER,
minimal_required_role=UserRoleInWorkspace.WORKSPACE_MANAGER,
allow_superadmin=True)
@hapic.input_path(WorkspaceIdPathSchema())
@hapic.input_body(WorkspaceMemberInviteSchema())
@hapic.output_body(WorkspaceMemberCreationSchema())
def create_workspaces_members_role(
self,
context,
request: TracimRequest,
hapic_data=None) -> UserRoleWorkspaceInContext:
"""
Add a member to this workspace.
This feature is for workspace managers and administrators.
"""
newly_created = False
email_sent = False
app_config = request.registry.settings['CFG']
rapi = RoleApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config,
)
uapi = UserApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config,
show_deactivated=True,
show_deleted=True,
)
try:
_, user = uapi.find(user_id=hapic_data.body.user_id,
email=hapic_data.body.user_email,
public_name=hapic_data.body.user_public_name)
if user.is_deleted:
raise UserIsDeleted(
'This user has been deleted. Unable to invite him.'
) # nopep8
if not user.is_active:
raise UserIsNotActive(
'This user is not activated. Unable to invite him'
) # nopep8
except UserDoesNotExist as exc:
if not uapi.allowed_to_invite_new_user(hapic_data.body.user_email):
raise exc
user = uapi.create_user(email=hapic_data.body.user_email,
password=password_generator(),
do_notify=True)
newly_created = True
if app_config.EMAIL_NOTIFICATION_ACTIVATED and \
app_config.EMAIL_NOTIFICATION_PROCESSING_MODE.lower() == 'sync':
email_sent = True
role = rapi.create_one(
user=user,
workspace=request.current_workspace,
role_level=WorkspaceRoles.get_role_from_slug(
hapic_data.body.role).level, # nopep8
with_notif=False,
flush=True,
)
return rapi.get_user_role_workspace_with_context(
role,
newly_created=newly_created,
email_sent=email_sent,
)
@hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_ENDPOINTS])
@require_workspace_role(UserRoleInWorkspace.READER)
@hapic.input_path(WorkspaceIdPathSchema())
@hapic.input_query(FilterContentQuerySchema())
@hapic.output_body(ContentDigestSchema(many=True))
def workspace_content(
self,
context,
request: TracimRequest,
hapic_data=None,
) -> typing.List[ContentInContext]:
"""
return a list of contents of the space.
This is NOT the full content list: by default, returned contents are the ones at root level.
In order to get contents in a given folder, then use parent_id query filter.
You can also show.hide archived/deleted contents.
"""
app_config = request.registry.settings['CFG']
content_filter = hapic_data.query
api = ContentApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config,
show_archived=content_filter.show_archived,
show_deleted=content_filter.show_deleted,
show_active=content_filter.show_active,
)
contents = api.get_all(parent_id=content_filter.parent_id,
workspace=request.current_workspace,
content_type=content_filter.content_type
or content_type_list.Any_SLUG,
label=content_filter.label,
order_by_properties=[Content.label])
contents = [
api.get_content_in_context(content) for content in contents
]
return contents
@hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_ENDPOINTS])
@require_workspace_role(UserRoleInWorkspace.CONTRIBUTOR)
@hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(UnallowedSubContent, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(ContentFilenameAlreadyUsedInFolder,
HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(ParentNotFound, HTTPStatus.BAD_REQUEST)
@hapic.input_path(WorkspaceIdPathSchema())
@hapic.input_body(ContentCreationSchema())
@hapic.output_body(ContentDigestSchema())
def create_generic_empty_content(
self,
context,
request: TracimRequest,
hapic_data=None,
) -> ContentInContext:
"""
Creates a generic empty content. The minimum viable content has a label and a content type.
Creating a content generally starts with a request to this endpoint.
For specific contents like files, it is recommended to use the dedicated endpoint.
This feature is accessible to contributors and higher role only.
"""
app_config = request.registry.settings['CFG']
creation_data = hapic_data.body
api = ContentApi(current_user=request.current_user,
session=request.dbsession,
config=app_config)
parent = None
if creation_data.parent_id:
try:
parent = api.get_one(
content_id=creation_data.parent_id,
content_type=content_type_list.Any_SLUG) # nopep8
except ContentNotFound as exc:
raise ParentNotFound(
'Parent with content_id {} not found'.format(
creation_data.parent_id)) from exc
content = api.create(
label=creation_data.label,
content_type_slug=creation_data.content_type,
workspace=request.current_workspace,
parent=parent,
)
api.save(content, ActionDescription.CREATION)
content = api.get_content_in_context(content)
return content
@hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_ENDPOINTS])
@require_workspace_role(UserRoleInWorkspace.READER)
@hapic.input_path(WorkspaceAndContentIdPathSchema())
@hapic.output_body(NoContentSchema(),
default_http_code=HTTPStatus.FOUND) # nopep8
def get_content_from_workspace(
self,
context,
request: TracimRequest,
hapic_data=None,
) -> None:
"""
Convenient route allowing to get detail about a content without to known routes associated to its content type.
This route generate a HTTP 302 with the right url
"""
app_config = request.registry.settings['CFG']
content = request.current_content
content_type = content_type_list.get_one_by_slug(content.type).slug
# TODO - G.M - 2018-08-03 - Jsonify redirect response ?
raise HTTPFound(
"{base_url}workspaces/{workspace_id}/{content_type}s/{content_id}".
format(
base_url=BASE_API_V2,
workspace_id=content.workspace_id,
content_type=content_type,
content_id=content.content_id,
))
@hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_ENDPOINTS])
@hapic.input_path(ContentIdPathSchema())
@hapic.output_body(NoContentSchema(),
default_http_code=HTTPStatus.FOUND) # nopep8
def get_content(
self,
context,
request: TracimRequest,
hapic_data=None,
) -> None:
"""
Convenient route allowing to get detail about a content without to known routes associated to its content type.
This route generate a HTTP 302 with the right url
"""
app_config = request.registry.settings['CFG']
api = ContentApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config,
)
content = api.get_one(content_id=hapic_data.path['content_id'],
content_type=content_type_list.Any_SLUG)
content_type = content_type_list.get_one_by_slug(content.type).slug
# TODO - G.M - 2018-08-03 - Jsonify redirect response ?
raise HTTPFound(
"{base_url}workspaces/{workspace_id}/{content_type}s/{content_id}".
format(
base_url=BASE_API_V2,
workspace_id=content.workspace_id,
content_type=content_type,
content_id=content.content_id,
))
@hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_ENDPOINTS])
@hapic.handle_exception(WorkspacesDoNotMatch, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(ContentFilenameAlreadyUsedInFolder,
HTTPStatus.BAD_REQUEST)
@require_workspace_role(UserRoleInWorkspace.CONTENT_MANAGER)
@require_candidate_workspace_role(UserRoleInWorkspace.CONTENT_MANAGER)
@hapic.input_path(WorkspaceAndContentIdPathSchema())
@hapic.input_body(ContentMoveSchema())
@hapic.output_body(ContentDigestSchema())
def move_content(
self,
context,
request: TracimRequest,
hapic_data=None,
) -> ContentInContext:
"""
Move a content to specified new place.
This requires to be content manager in both input and output spaces (which may be the same)
"""
app_config = request.registry.settings['CFG']
path_data = hapic_data.path
move_data = hapic_data.body
api = ContentApi(
show_archived=True,
show_deleted=True,
current_user=request.current_user,
session=request.dbsession,
config=app_config,
)
content = api.get_one(path_data.content_id,
content_type=content_type_list.Any_SLUG)
new_parent = api.get_one(move_data.new_parent_id,
content_type=content_type_list.Any_SLUG)
new_workspace = request.candidate_workspace
with new_revision(session=request.dbsession,
tm=transaction.manager,
content=content):
api.move(
content,
new_parent=new_parent,
new_workspace=new_workspace,
must_stay_in_same_workspace=False,
)
updated_content = api.get_one(path_data.content_id,
content_type=content_type_list.Any_SLUG)
return api.get_content_in_context(updated_content)
@hapic.with_api_doc(
tags=[SWAGGER_TAG__CONTENT_ALL_TRASH_AND_RESTORE_ENDPOINTS]) # nopep8
@require_workspace_role(UserRoleInWorkspace.CONTENT_MANAGER)
@hapic.input_path(WorkspaceAndContentIdPathSchema())
@hapic.output_body(NoContentSchema(),
default_http_code=HTTPStatus.NO_CONTENT) # nopep8
def delete_content(
self,
context,
request: TracimRequest,
hapic_data=None,
) -> None:
"""
Move a content to the trash. After that, the content will be invisible by default.
This action requires the user to be a content manager.
Note: the content is still accessible but becomes read-only.
"""
app_config = request.registry.settings['CFG']
path_data = hapic_data.path
api = ContentApi(
show_archived=True,
show_deleted=True,
current_user=request.current_user,
session=request.dbsession,
config=app_config,
)
content = api.get_one(path_data.content_id,
content_type=content_type_list.Any_SLUG)
with new_revision(session=request.dbsession,
tm=transaction.manager,
content=content):
api.delete(content)
return
@hapic.with_api_doc(
tags=[SWAGGER_TAG__CONTENT_ALL_TRASH_AND_RESTORE_ENDPOINTS]) # nopep8
@require_workspace_role(UserRoleInWorkspace.CONTENT_MANAGER)
@hapic.input_path(WorkspaceAndContentIdPathSchema())
@hapic.output_body(NoContentSchema(),
default_http_code=HTTPStatus.NO_CONTENT) # nopep8
def undelete_content(
self,
context,
request: TracimRequest,
hapic_data=None,
) -> None:
"""
Restore a content from the trash. The content will be visible and editable again.
"""
app_config = request.registry.settings['CFG']
path_data = hapic_data.path
api = ContentApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config,
show_deleted=True,
show_archived=True,
)
content = api.get_one(path_data.content_id,
content_type=content_type_list.Any_SLUG)
with new_revision(session=request.dbsession,
tm=transaction.manager,
content=content):
api.undelete(content)
return
@hapic.with_api_doc(tags=[
SWAGGER_TAG__CONTENT_ALL_ARCHIVE_AND_RESTORE_ENDPOINTS
]) # nopep8
@require_workspace_role(UserRoleInWorkspace.CONTENT_MANAGER)
@hapic.input_path(WorkspaceAndContentIdPathSchema())
@hapic.output_body(NoContentSchema(),
default_http_code=HTTPStatus.NO_CONTENT) # nopep8
def archive_content(
self,
context,
request: TracimRequest,
hapic_data=None,
) -> None:
"""
Archives a content. The content will be invisible but still available.
Difference with delete is that optimizing workspace will not delete archived contents
This action requires the user to be a content manager.
Note: the content is still accessible but becomes read-only.
the difference with delete is that optimizing workspace will not delete archived contents
"""
app_config = request.registry.settings['CFG']
path_data = hapic_data.path
api = ContentApi(
show_archived=True,
show_deleted=True,
current_user=request.current_user,
session=request.dbsession,
config=app_config,
)
content = api.get_one(
path_data.content_id,
content_type=content_type_list.Any_SLUG) # nopep8
with new_revision(session=request.dbsession,
tm=transaction.manager,
content=content):
api.archive(content)
return
@hapic.with_api_doc(tags=[
SWAGGER_TAG__CONTENT_ALL_ARCHIVE_AND_RESTORE_ENDPOINTS
]) # nopep8
@require_workspace_role(UserRoleInWorkspace.CONTENT_MANAGER)
@hapic.input_path(WorkspaceAndContentIdPathSchema())
@hapic.output_body(NoContentSchema(),
default_http_code=HTTPStatus.NO_CONTENT) # nopep8
def unarchive_content(
self,
context,
request: TracimRequest,
hapic_data=None,
) -> None:
"""
Restore a content from archive. The content will be visible and editable again.
"""
app_config = request.registry.settings['CFG']
path_data = hapic_data.path
api = ContentApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config,
show_archived=True,
show_deleted=True,
)
content = api.get_one(path_data.content_id,
content_type=content_type_list.Any_SLUG)
with new_revision(session=request.dbsession,
tm=transaction.manager,
content=content):
api.unarchive(content)
return
def bind(self, configurator: Configurator) -> None:
"""
Create all routes and views using
pyramid configurator for this controller
"""
# Workspaces
configurator.add_route('workspaces',
'/workspaces',
request_method='GET') # nopep8
configurator.add_view(self.workspaces, route_name='workspaces')
# Workspace
configurator.add_route('workspace',
'/workspaces/{workspace_id}',
request_method='GET') # nopep8
configurator.add_view(self.workspace, route_name='workspace')
# Create workspace
configurator.add_route('create_workspace',
'/workspaces',
request_method='POST') # nopep8
configurator.add_view(self.create_workspace,
route_name='create_workspace') # nopep8
# Delete/Undelete workpace
configurator.add_route('delete_workspace',
'/workspaces/{workspace_id}/trashed',
request_method='PUT') # nopep8
configurator.add_view(self.delete_workspace,
route_name='delete_workspace') # nopep8
configurator.add_route('undelete_workspace',
'/workspaces/{workspace_id}/trashed/restore',
request_method='PUT') # nopep8
configurator.add_view(self.undelete_workspace,
route_name='undelete_workspace') # nopep8
# Update Workspace
configurator.add_route('update_workspace',
'/workspaces/{workspace_id}',
request_method='PUT') # nopep8
configurator.add_view(self.update_workspace,
route_name='update_workspace') # nopep8
# Workspace Members (Roles)
configurator.add_route('workspace_members',
'/workspaces/{workspace_id}/members',
request_method='GET') # nopep8
configurator.add_view(self.workspaces_members,
route_name='workspace_members') # nopep8
# Workspace Members (Role) Individual
configurator.add_route('workspace_member_role',
'/workspaces/{workspace_id}/members/{user_id}',
request_method='GET') # nopep8
configurator.add_view(self.workspaces_member_role,
route_name='workspace_member_role') # nopep8
# Update Workspace Members roles
configurator.add_route('update_workspace_member',
'/workspaces/{workspace_id}/members/{user_id}',
request_method='PUT') # nopep8
configurator.add_view(self.update_workspaces_members_role,
route_name='update_workspace_member') # nopep8
# Create Workspace Members roles
configurator.add_route('create_workspace_member',
'/workspaces/{workspace_id}/members',
request_method='POST') # nopep8
configurator.add_view(self.create_workspaces_members_role,
route_name='create_workspace_member') # nopep8
# Delete Workspace Members roles
configurator.add_route('delete_workspace_member',
'/workspaces/{workspace_id}/members/{user_id}',
request_method='DELETE') # nopep8
configurator.add_view(self.delete_workspaces_members_role,
route_name='delete_workspace_member') # nopep8
# Workspace Content
configurator.add_route('workspace_content',
'/workspaces/{workspace_id}/contents',
request_method='GET') # nopep8
configurator.add_view(self.workspace_content,
route_name='workspace_content') # nopep8
# Create Generic Content
configurator.add_route('create_generic_content',
'/workspaces/{workspace_id}/contents',
request_method='POST') # nopep8
configurator.add_view(self.create_generic_empty_content,
route_name='create_generic_content') # nopep8
# Get Content
configurator.add_route('get_content',
'/contents/{content_id}',
request_method='GET') # nopep8
configurator.add_view(self.get_content, route_name='get_content')
# Get Content From workspace
configurator.add_route(
'get_content_from_workspace',
'/workspaces/{workspace_id}/contents/{content_id}',
request_method='GET') # nopep8
configurator.add_view(
self.get_content_from_workspace,
route_name='get_content_from_workspace') # nopep8
# Move Content
configurator.add_route(
'move_content',
'/workspaces/{workspace_id}/contents/{content_id}/move',
request_method='PUT') # nopep8
configurator.add_view(self.move_content,
route_name='move_content') # nopep8
# Delete/Undelete Content
configurator.add_route(
'delete_content',
'/workspaces/{workspace_id}/contents/{content_id}/trashed',
request_method='PUT') # nopep8
configurator.add_view(self.delete_content,
route_name='delete_content') # nopep8
configurator.add_route(
'undelete_content',
'/workspaces/{workspace_id}/contents/{content_id}/trashed/restore',
request_method='PUT') # nopep8
configurator.add_view(self.undelete_content,
route_name='undelete_content') # nopep8
# # Archive/Unarchive Content
configurator.add_route(
'archive_content',
'/workspaces/{workspace_id}/contents/{content_id}/archived',
request_method='PUT') # nopep8
configurator.add_view(self.archive_content,
route_name='archive_content') # nopep8
configurator.add_route(
'unarchive_content',
'/workspaces/{workspace_id}/contents/{content_id}/archived/restore',
request_method='PUT') # nopep8
configurator.add_view(self.unarchive_content,
route_name='unarchive_content') # nopep8
class WorkspaceController(Controller):
@hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_ENDPOINTS])
@check_right(can_see_workspace_information)
@hapic.input_path(WorkspaceIdPathSchema())
@hapic.output_body(WorkspaceSchema())
def workspace(self, context, request: TracimRequest, hapic_data=None):
"""
Get workspace informations
"""
app_config = request.registry.settings["CFG"] # type: CFG
wapi = WorkspaceApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config # User
)
return wapi.get_workspace_with_context(request.current_workspace)
@hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_ENDPOINTS])
@check_right(can_see_workspace_information)
@hapic.input_path(WorkspaceIdPathSchema())
@hapic.output_body(WorkspaceDiskSpaceSchema())
def workspace_disk_space(self,
context,
request: TracimRequest,
hapic_data=None):
"""
Get workspace space info
"""
app_config = request.registry.settings["CFG"] # type: CFG
wapi = WorkspaceApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config # User
)
return wapi.get_workspace_with_context(request.current_workspace)
@hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_ENDPOINTS])
@check_right(is_administrator)
@hapic.input_query(WorkspaceFilterQuerySchema())
@hapic.output_body(WorkspaceSchema(many=True))
def workspaces(self, context, request: TracimRequest, hapic_data=None):
"""
Returns the list of all workspaces. This route is for admin only.
Standard users must use their own route: /api/users/me/workspaces
Filtering by parent_ids is possible through this endpoint
"""
app_config = request.registry.settings["CFG"] # type: CFG
wapi = WorkspaceApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config # User
)
workspaces = wapi.get_all_children(
parent_ids=hapic_data.query.parent_ids)
return [
wapi.get_workspace_with_context(workspace)
for workspace in workspaces
]
@hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_ENDPOINTS])
@hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(DisallowedWorkspaceAccessType,
HTTPStatus.BAD_REQUEST)
@check_right(can_modify_workspace)
@hapic.input_path(WorkspaceIdPathSchema())
@hapic.input_body(WorkspaceModifySchema())
@hapic.output_body(WorkspaceSchema())
def update_workspace(self,
context,
request: TracimRequest,
hapic_data=None):
"""
Update a workspace. This route is for trusted users and administrators.
Note : a trusted user can only update spaces on which he/she is space manager
"""
app_config = request.registry.settings["CFG"] # type: CFG
wapi = WorkspaceApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config # User
)
wapi.update_workspace(
request.current_workspace,
label=hapic_data.body.label,
description=hapic_data.body.description,
agenda_enabled=hapic_data.body.agenda_enabled,
public_download_enabled=hapic_data.body.public_download_enabled,
public_upload_enabled=hapic_data.body.public_upload_enabled,
default_user_role=hapic_data.body.default_user_role,
save_now=True,
)
wapi.execute_update_workspace_actions(request.current_workspace)
return wapi.get_workspace_with_context(request.current_workspace)
@hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_ENDPOINTS])
@hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(DisallowedWorkspaceAccessType,
HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(UserNotAllowedToCreateMoreWorkspace,
HTTPStatus.BAD_REQUEST)
@check_right(is_trusted_user)
@hapic.input_body(WorkspaceCreationSchema())
@hapic.output_body(WorkspaceSchema())
def create_workspace(self,
context,
request: TracimRequest,
hapic_data=None):
"""
Create a workspace. This route is for trusted users and administrators.
"""
app_config = request.registry.settings["CFG"] # type: CFG
wapi = WorkspaceApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config # User
)
parent = None
if hapic_data.body.parent_id:
parent = wapi.get_one(workspace_id=hapic_data.body.parent_id)
workspace = wapi.create_workspace(
label=hapic_data.body.label,
description=hapic_data.body.description,
access_type=hapic_data.body.access_type,
save_now=True,
agenda_enabled=hapic_data.body.agenda_enabled,
public_download_enabled=hapic_data.body.public_download_enabled,
public_upload_enabled=hapic_data.body.public_upload_enabled,
default_user_role=hapic_data.body.default_user_role,
parent=parent,
)
wapi.execute_created_workspace_actions(workspace)
return wapi.get_workspace_with_context(workspace)
@hapic.with_api_doc(
tags=[SWAGGER_TAG__WORKSPACE_TRASH_AND_RESTORE_ENDPOINTS])
@hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
@check_right(can_delete_workspace)
@hapic.input_path(WorkspaceIdPathSchema())
@hapic.output_body(NoContentSchema(),
default_http_code=HTTPStatus.NO_CONTENT)
def delete_workspace(self,
context,
request: TracimRequest,
hapic_data=None):
"""
Delete a workspace. This route is for trusted users and administrators.
Note : a trusted user can only delete spaces on which he/she is space manager
"""
app_config = request.registry.settings["CFG"] # type: CFG
wapi = WorkspaceApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config # User
)
wapi.delete(request.current_workspace, flush=True)
return
@hapic.with_api_doc(
tags=[SWAGGER_TAG__WORKSPACE_TRASH_AND_RESTORE_ENDPOINTS])
@hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
@check_right(can_delete_workspace)
@hapic.input_path(WorkspaceIdPathSchema())
@hapic.output_body(NoContentSchema(),
default_http_code=HTTPStatus.NO_CONTENT)
def undelete_workspace(self,
context,
request: TracimRequest,
hapic_data=None):
"""
Restore a deleted space.
Note : a trusted user can only restore spaces on which he/she is space manager
"""
app_config = request.registry.settings["CFG"] # type: CFG
wapi = WorkspaceApi(
current_user=request.current_user, # User
session=request.dbsession,
config=app_config,
show_deleted=True,
)
wapi.undelete(request.current_workspace, flush=True)
return
@hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_MEMBERS_ENDPOINTS])
@check_right(can_see_workspace_information)
@hapic.input_path(WorkspaceIdPathSchema())
@hapic.input_query(WorkspaceMemberFilterQuerySchema())
@hapic.output_body(WorkspaceMemberSchema(many=True))
def workspaces_members(
self,
context,
request: TracimRequest,
hapic_data=None) -> typing.List[UserRoleWorkspaceInContext]:
"""
Returns the list of space members with their role, avatar, etc.
"""
app_config = request.registry.settings["CFG"] # type: CFG
rapi = RoleApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config,
show_disabled_user=hapic_data.query.show_disabled_user,
)
roles = rapi.get_all_for_workspace(workspace=request.current_workspace)
return [
rapi.get_user_role_workspace_with_context(user_role)
for user_role in roles
]
@hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_MEMBERS_ENDPOINTS])
@check_right(can_see_workspace_information)
@hapic.input_path(WorkspaceAndUserIdPathSchema())
@hapic.output_body(WorkspaceMemberSchema())
def workspaces_member_role(self,
context,
request: TracimRequest,
hapic_data=None) -> UserRoleWorkspaceInContext:
"""
Returns given space member with its role, avatar, etc.
"""
app_config = request.registry.settings["CFG"] # type: CFG
rapi = RoleApi(current_user=request.current_user,
session=request.dbsession,
config=app_config)
role = rapi.get_one(user_id=hapic_data.path.user_id,
workspace_id=hapic_data.path.workspace_id)
return rapi.get_user_role_workspace_with_context(role)
@hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_MEMBERS_ENDPOINTS])
@hapic.handle_exception(UserRoleNotFound, HTTPStatus.BAD_REQUEST)
@check_right(can_modify_workspace)
@hapic.handle_exception(LastWorkspaceManagerRoleCantBeModified,
HTTPStatus.BAD_REQUEST)
@hapic.input_path(WorkspaceAndUserIdPathSchema())
@hapic.input_body(RoleUpdateSchema())
@hapic.output_body(WorkspaceMemberSchema())
def update_workspaces_members_role(
self,
context,
request: TracimRequest,
hapic_data=None) -> UserRoleWorkspaceInContext:
"""
Update role of the given space member.
This feature is for workspace managers, trusted users and administrators.
"""
app_config = request.registry.settings["CFG"] # type: CFG
rapi = RoleApi(current_user=request.current_user,
session=request.dbsession,
config=app_config)
role = rapi.get_one(user_id=hapic_data.path.user_id,
workspace_id=hapic_data.path.workspace_id)
role = rapi.update_role(role, role_level=hapic_data.body.role.level)
return rapi.get_user_role_workspace_with_context(role)
@hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_MEMBERS_ENDPOINTS])
@check_right(can_leave_workspace)
@hapic.handle_exception(UserRoleNotFound, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(LastWorkspaceManagerRoleCantBeModified,
HTTPStatus.BAD_REQUEST)
@hapic.input_path(WorkspaceAndUserIdPathSchema())
@hapic.output_body(NoContentSchema(),
default_http_code=HTTPStatus.NO_CONTENT)
def delete_workspaces_members_role(self,
context,
request: TracimRequest,
hapic_data=None) -> None:
"""
Remove the user from the space.
This feature is for workspace managers and administrators.
"""
app_config = request.registry.settings["CFG"] # type: CFG
rapi = RoleApi(current_user=request.current_user,
session=request.dbsession,
config=app_config)
rapi.delete_one(user_id=hapic_data.path.user_id,
workspace_id=hapic_data.path.workspace_id)
return
@hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_MEMBERS_ENDPOINTS])
@hapic.handle_exception(EmailValidationFailed, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(UserIsNotActive, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(UserIsDeleted, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(RoleAlreadyExistError, HTTPStatus.BAD_REQUEST)
@check_right(can_modify_workspace)
@hapic.input_path(WorkspaceIdPathSchema())
@hapic.input_body(WorkspaceMemberInviteSchema())
@hapic.output_body(WorkspaceMemberCreationSchema())
def create_workspaces_members_role(
self,
context,
request: TracimRequest,
hapic_data=None) -> UserRoleWorkspaceInContext:
"""
Add a member to this workspace.
This feature is for workspace managers and administrators.
"""
newly_created = False
email_sent = False
app_config = request.registry.settings["CFG"] # type: CFG
rapi = RoleApi(current_user=request.current_user,
session=request.dbsession,
config=app_config)
uapi = UserApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config,
show_deactivated=True,
show_deleted=True,
)
try:
if hapic_data.body.user_id:
user = uapi.get_one(hapic_data.body.user_id)
elif hapic_data.body.user_email:
user = uapi.get_one_by_email(hapic_data.body.user_email)
else:
user = uapi.get_one_by_username(hapic_data.body.user_username)
if user.is_deleted:
raise UserIsDeleted(
"This user has been deleted. Unable to invite him.")
if not user.is_active:
raise UserIsNotActive(
"This user is not activated. Unable to invite him")
except UserDoesNotExist as exc:
if not uapi.allowed_to_invite_new_user(hapic_data.body.user_email):
raise exc
if app_config.NEW_USER__INVITATION__DO_NOTIFY:
user = uapi.create_user(
auth_type=AuthType.UNKNOWN,
email=hapic_data.body.user_email,
password=password_generator(),
do_notify=True,
)
if (app_config.EMAIL__NOTIFICATION__ACTIVATED
and app_config.NEW_USER__INVITATION__DO_NOTIFY
and app_config.JOBS__PROCESSING_MODE
== app_config.CST.SYNC):
email_sent = True
else:
user = uapi.create_user(
auth_type=AuthType.UNKNOWN,
email=hapic_data.body.user_email,
password=None,
do_notify=False,
)
uapi.execute_created_user_actions(user)
newly_created = True
role = rapi.create_one(
user=user,
workspace=request.current_workspace,
role_level=WorkspaceRoles.get_role_from_slug(
hapic_data.body.role).level,
with_notif=app_config.EMAIL__NOTIFICATION__ENABLED_ON_INVITATION,
flush=True,
)
return rapi.get_user_role_workspace_with_context(
role, newly_created=newly_created, email_sent=email_sent)
@hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_SUBSCRIPTION_ENDPOINTS])
@check_right(can_modify_workspace)
@hapic.input_path(WorkspaceIdPathSchema())
@hapic.output_body(WorkspaceSubscriptionSchema(many=True))
def workspace_subscriptions(
self,
context,
request: TracimRequest,
hapic_data=None) -> typing.List[WorkspaceSubscription]:
subscription_lib = SubscriptionLib(
current_user=request.current_user,
session=request.dbsession,
config=request.app_config,
)
return subscription_lib.get_workspace_subscriptions(
request.current_workspace.workspace_id)
@hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_SUBSCRIPTION_ENDPOINTS])
@check_right(can_modify_workspace)
@hapic.handle_exception(RoleAlreadyExistError, HTTPStatus.BAD_REQUEST)
@hapic.input_path(WorkspaceAndUserIdPathSchema())
@hapic.input_body(RoleUpdateSchema())
@hapic.output_body(NoContentSchema(),
default_http_code=HTTPStatus.NO_CONTENT)
def accept_subscription(
self,
context,
request: TracimRequest,
hapic_data=None) -> typing.List[WorkspaceSubscription]:
subscription_lib = SubscriptionLib(
current_user=request.current_user,
session=request.dbsession,
config=request.app_config,
)
subscription = subscription_lib.get_one(
author_id=hapic_data.path.user_id,
workspace_id=hapic_data.path.workspace_id)
subscription_lib.accept_subscription(subscription=subscription,
user_role=hapic_data.body.role)
@hapic.with_api_doc(tags=[SWAGGER_TAG__WORKSPACE_SUBSCRIPTION_ENDPOINTS])
@check_right(can_modify_workspace)
@hapic.input_path(WorkspaceAndUserIdPathSchema())
@hapic.output_body(NoContentSchema(),
default_http_code=HTTPStatus.NO_CONTENT)
def reject_subscription(
self,
context,
request: TracimRequest,
hapic_data=None) -> typing.List[WorkspaceSubscription]:
subscription_lib = SubscriptionLib(
current_user=request.current_user,
session=request.dbsession,
config=request.app_config,
)
subscription = subscription_lib.get_one(
author_id=hapic_data.path.user_id,
workspace_id=hapic_data.path.workspace_id)
subscription_lib.reject_subscription(subscription=subscription)
@hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_ENDPOINTS])
@check_right(is_reader)
@hapic.input_path(WorkspaceIdPathSchema())
@hapic.input_query(FilterContentQuerySchema())
@hapic.output_body(ContentDigestSchema(many=True))
def workspace_content(self,
context,
request: TracimRequest,
hapic_data=None) -> typing.List[ContentInContext]:
"""
return a list of contents of the space.
This is NOT the full content list: by default, returned contents are the ones at root level.
In order to get contents in a given folder, then use parent_id query filter.
You can also show.hide archived/deleted contents.
"""
app_config = request.registry.settings["CFG"] # type: CFG
content_filter = hapic_data.query
api = ContentApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config,
namespaces_filter=content_filter.namespaces_filter
or [ContentNamespaces.CONTENT],
show_archived=content_filter.show_archived,
show_deleted=content_filter.show_deleted,
show_active=content_filter.show_active,
)
contents = api.get_all(
parent_ids=content_filter.parent_ids,
complete_path_to_id=content_filter.complete_path_to_id,
workspace=request.current_workspace,
content_type=content_filter.content_type
or content_type_list.Any_SLUG,
label=content_filter.label,
order_by_properties=[Content.label],
)
contents = [
api.get_content_in_context(content) for content in contents
]
return contents
@hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_ENDPOINTS])
@hapic.handle_exception(EmptyLabelNotAllowed, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(UnallowedSubContent, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(ContentFilenameAlreadyUsedInFolder,
HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(ParentNotFound, HTTPStatus.BAD_REQUEST)
@check_right(can_create_content)
@hapic.input_path(WorkspaceIdPathSchema())
@hapic.input_body(ContentCreationSchema())
@hapic.output_body(ContentDigestSchema())
def create_generic_empty_content(self,
context,
request: TracimRequest,
hapic_data=None) -> ContentInContext:
"""
Creates a generic empty content. The minimum viable content has a label and a content type.
Creating a content generally starts with a request to this endpoint.
For specific contents like files, it is recommended to use the dedicated endpoint.
This feature is accessible to contributors and higher role only.
"""
app_config = request.registry.settings["CFG"] # type: CFG
creation_data = hapic_data.body
api = ContentApi(current_user=request.current_user,
session=request.dbsession,
config=app_config)
parent = None
if creation_data.parent_id:
try:
parent = api.get_one(content_id=creation_data.parent_id,
content_type=content_type_list.Any_SLUG)
except ContentNotFound as exc:
raise ParentNotFound(
"Parent with content_id {} not found".format(
creation_data.parent_id)) from exc
content = api.create(
label=creation_data.label,
content_type_slug=creation_data.content_type,
workspace=request.current_workspace,
parent=parent,
)
api.save(content, ActionDescription.CREATION)
api.execute_created_content_actions(content)
content = api.get_content_in_context(content)
return content
@hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_ENDPOINTS])
@check_right(is_reader)
@hapic.input_path(WorkspaceAndContentIdPathSchema())
@hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.FOUND)
def get_content_from_workspace(self,
context,
request: TracimRequest,
hapic_data=None) -> None:
"""
Convenient route allowing to get detail about a content without to known routes associated to its content type.
This route generate a HTTP 302 with the right url
"""
content = request.current_content
content_type = content_type_list.get_one_by_slug(content.type).slug
# TODO - G.M - 2018-08-03 - Jsonify redirect response ?
raise HTTPFound(
"{base_url}workspaces/{workspace_id}/{content_type}s/{content_id}".
format(
base_url=BASE_API,
workspace_id=content.workspace_id,
content_type=content_type,
content_id=content.content_id,
))
@hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_ENDPOINTS])
@hapic.input_path(ContentIdPathSchema())
@hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.FOUND)
def get_content(self,
context,
request: TracimRequest,
hapic_data=None) -> None:
"""
Convenient route allowing to get detail about a content without to known routes associated to its content type.
This route generate a HTTP 302 with the right url
"""
app_config = request.registry.settings["CFG"] # type: CFG
api = ContentApi(current_user=request.current_user,
session=request.dbsession,
config=app_config)
content = api.get_one(content_id=hapic_data.path["content_id"],
content_type=content_type_list.Any_SLUG)
content_type = content_type_list.get_one_by_slug(content.type).slug
# TODO - G.M - 2018-08-03 - Jsonify redirect response ?
raise HTTPFound(
"{base_url}workspaces/{workspace_id}/{content_type}s/{content_id}".
format(
base_url=BASE_API,
workspace_id=content.workspace_id,
content_type=content_type,
content_id=content.content_id,
))
@hapic.with_api_doc(tags=[SWAGGER_TAG__CONTENT_ENDPOINTS])
@hapic.handle_exception(WorkspacesDoNotMatch, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(ContentFilenameAlreadyUsedInFolder,
HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(UnallowedSubContent, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(ConflictingMoveInItself, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(ConflictingMoveInChild, HTTPStatus.BAD_REQUEST)
@check_right(can_move_content)
@hapic.input_path(WorkspaceAndContentIdPathSchema())
@hapic.input_body(ContentMoveSchema())
@hapic.output_body(ContentDigestSchema())
def move_content(self,
context,
request: TracimRequest,
hapic_data=None) -> ContentInContext:
"""
Move a content to specified new place.
This requires to be content manager in both input and output spaces (which may be the same)
"""
app_config = request.registry.settings["CFG"] # type: CFG
path_data = hapic_data.path
move_data = hapic_data.body
api = ContentApi(
show_archived=True,
show_deleted=True,
current_user=request.current_user,
session=request.dbsession,
config=app_config,
)
content = api.get_one(path_data.content_id,
content_type=content_type_list.Any_SLUG)
new_parent = api.get_one(move_data.new_parent_id,
content_type=content_type_list.Any_SLUG)
new_workspace = request.candidate_workspace
with new_revision(session=request.dbsession,
tm=transaction.manager,
content=content):
api.move(
content,
new_parent=new_parent,
new_workspace=new_workspace,
new_content_namespace=ContentNamespaces.CONTENT,
must_stay_in_same_workspace=False,
)
api.execute_update_content_actions(content)
updated_content = api.get_one(path_data.content_id,
content_type=content_type_list.Any_SLUG)
return api.get_content_in_context(updated_content)
@hapic.with_api_doc(
tags=[SWAGGER_TAG__CONTENT_ALL_TRASH_AND_RESTORE_ENDPOINTS])
@check_right(is_content_manager)
@hapic.input_path(WorkspaceAndContentIdPathSchema())
@hapic.output_body(NoContentSchema(),
default_http_code=HTTPStatus.NO_CONTENT)
def delete_content(self,
context,
request: TracimRequest,
hapic_data=None) -> None:
"""
Move a content to the trash. After that, the content will be invisible by default.
This action requires the user to be a content manager.
Note: the content is still accessible but becomes read-only.
"""
app_config = request.registry.settings["CFG"] # type: CFG
path_data = hapic_data.path
api = ContentApi(
show_archived=True,
show_deleted=True,
current_user=request.current_user,
session=request.dbsession,
config=app_config,
)
content = api.get_one(path_data.content_id,
content_type=content_type_list.Any_SLUG)
with new_revision(session=request.dbsession,
tm=transaction.manager,
content=content):
api.delete(content)
api.execute_update_content_actions(content)
return
@hapic.with_api_doc(
tags=[SWAGGER_TAG__CONTENT_ALL_TRASH_AND_RESTORE_ENDPOINTS])
@check_right(is_content_manager)
@hapic.input_path(WorkspaceAndContentIdPathSchema())
@hapic.output_body(NoContentSchema(),
default_http_code=HTTPStatus.NO_CONTENT)
def undelete_content(self,
context,
request: TracimRequest,
hapic_data=None) -> None:
"""
Restore a content from the trash. The content will be visible and editable again.
"""
app_config = request.registry.settings["CFG"] # type: CFG
path_data = hapic_data.path
api = ContentApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config,
show_deleted=True,
show_archived=True,
)
content = api.get_one(path_data.content_id,
content_type=content_type_list.Any_SLUG)
with new_revision(session=request.dbsession,
tm=transaction.manager,
content=content):
api.undelete(content)
api.execute_update_content_actions(content)
return
@hapic.with_api_doc(
tags=[SWAGGER_TAG__CONTENT_ALL_ARCHIVE_AND_RESTORE_ENDPOINTS])
@check_right(is_content_manager)
@hapic.input_path(WorkspaceAndContentIdPathSchema())
@hapic.output_body(NoContentSchema(),
default_http_code=HTTPStatus.NO_CONTENT)
def archive_content(self,
context,
request: TracimRequest,
hapic_data=None) -> None:
"""
Archives a content. The content will be invisible but still available.
Difference with delete is that optimizing workspace will not delete archived contents
This action requires the user to be a content manager.
Note: the content is still accessible but becomes read-only.
the difference with delete is that optimizing workspace will not delete archived contents
"""
app_config = request.registry.settings["CFG"] # type: CFG
path_data = hapic_data.path
api = ContentApi(
show_archived=True,
show_deleted=True,
current_user=request.current_user,
session=request.dbsession,
config=app_config,
)
content = api.get_one(path_data.content_id,
content_type=content_type_list.Any_SLUG)
with new_revision(session=request.dbsession,
tm=transaction.manager,
content=content):
api.archive(content)
api.execute_update_content_actions(content)
return
@hapic.with_api_doc(
tags=[SWAGGER_TAG__CONTENT_ALL_ARCHIVE_AND_RESTORE_ENDPOINTS])
@check_right(is_content_manager)
@hapic.input_path(WorkspaceAndContentIdPathSchema())
@hapic.output_body(NoContentSchema(),
default_http_code=HTTPStatus.NO_CONTENT)
def unarchive_content(self,
context,
request: TracimRequest,
hapic_data=None) -> None:
"""
Restore a content from archive. The content will be visible and editable again.
"""
app_config = request.registry.settings["CFG"] # type: CFG
path_data = hapic_data.path
api = ContentApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config,
show_archived=True,
show_deleted=True,
)
content = api.get_one(path_data.content_id,
content_type=content_type_list.Any_SLUG)
with new_revision(session=request.dbsession,
tm=transaction.manager,
content=content):
api.unarchive(content)
api.execute_update_content_actions(content)
return
def bind(self, configurator: Configurator) -> None:
"""
Create all routes and views using
pyramid configurator for this controller
"""
# Workspaces
configurator.add_route("workspaces",
"/workspaces",
request_method="GET")
configurator.add_view(self.workspaces, route_name="workspaces")
# Workspace
configurator.add_route("workspace",
"/workspaces/{workspace_id}",
request_method="GET")
configurator.add_view(self.workspace, route_name="workspace")
# Workspace space
configurator.add_route("workspace_disk_space",
"/workspaces/{workspace_id}/disk_space",
request_method="GET")
configurator.add_view(self.workspace_disk_space,
route_name="workspace_disk_space")
# Create workspace
configurator.add_route("create_workspace",
"/workspaces",
request_method="POST")
configurator.add_view(self.create_workspace,
route_name="create_workspace")
# Delete/Undelete workpace
configurator.add_route("delete_workspace",
"/workspaces/{workspace_id}/trashed",
request_method="PUT")
configurator.add_view(self.delete_workspace,
route_name="delete_workspace")
configurator.add_route("undelete_workspace",
"/workspaces/{workspace_id}/trashed/restore",
request_method="PUT")
configurator.add_view(self.undelete_workspace,
route_name="undelete_workspace")
# Update Workspace
configurator.add_route("update_workspace",
"/workspaces/{workspace_id}",
request_method="PUT")
configurator.add_view(self.update_workspace,
route_name="update_workspace")
# Workspace Members (Roles)
configurator.add_route("workspace_members",
"/workspaces/{workspace_id}/members",
request_method="GET")
configurator.add_view(self.workspaces_members,
route_name="workspace_members")
# Workspace Members (Role) Individual
configurator.add_route(
"workspace_member_role",
"/workspaces/{workspace_id}/members/{user_id}",
request_method="GET",
)
configurator.add_view(self.workspaces_member_role,
route_name="workspace_member_role")
# Update Workspace Members roles
configurator.add_route(
"update_workspace_member",
"/workspaces/{workspace_id}/members/{user_id}",
request_method="PUT",
)
configurator.add_view(self.update_workspaces_members_role,
route_name="update_workspace_member")
# Create Workspace Members roles
configurator.add_route("create_workspace_member",
"/workspaces/{workspace_id}/members",
request_method="POST")
configurator.add_view(self.create_workspaces_members_role,
route_name="create_workspace_member")
# Delete Workspace Members roles
configurator.add_route(
"delete_workspace_member",
"/workspaces/{workspace_id}/members/{user_id}",
request_method="DELETE",
)
configurator.add_view(self.delete_workspaces_members_role,
route_name="delete_workspace_member")
# Workspace Content
configurator.add_route("workspace_content",
"/workspaces/{workspace_id}/contents",
request_method="GET")
configurator.add_view(self.workspace_content,
route_name="workspace_content")
# Create Generic Content
configurator.add_route("create_generic_content",
"/workspaces/{workspace_id}/contents",
request_method="POST")
configurator.add_view(self.create_generic_empty_content,
route_name="create_generic_content")
# Get Content
configurator.add_route("get_content",
"/contents/{content_id}",
request_method="GET")
configurator.add_view(self.get_content, route_name="get_content")
# Get Content From workspace
configurator.add_route(
"get_content_from_workspace",
"/workspaces/{workspace_id}/contents/{content_id}",
request_method="GET",
)
configurator.add_view(self.get_content_from_workspace,
route_name="get_content_from_workspace")
# Move Content
configurator.add_route(
"move_content",
"/workspaces/{workspace_id}/contents/{content_id}/move",
request_method="PUT",
)
configurator.add_view(self.move_content, route_name="move_content")
# Delete/Undelete Content
configurator.add_route(
"delete_content",
"/workspaces/{workspace_id}/contents/{content_id}/trashed",
request_method="PUT",
)
configurator.add_view(self.delete_content, route_name="delete_content")
configurator.add_route(
"undelete_content",
"/workspaces/{workspace_id}/contents/{content_id}/trashed/restore",
request_method="PUT",
)
configurator.add_view(self.undelete_content,
route_name="undelete_content")
# # Archive/Unarchive Content
configurator.add_route(
"archive_content",
"/workspaces/{workspace_id}/contents/{content_id}/archived",
request_method="PUT",
)
configurator.add_view(self.archive_content,
route_name="archive_content")
configurator.add_route(
"unarchive_content",
"/workspaces/{workspace_id}/contents/{content_id}/archived/restore",
request_method="PUT",
)
configurator.add_view(self.unarchive_content,
route_name="unarchive_content")
# Subscriptions
configurator.add_route(
"workspace_subscriptions",
"/workspaces/{workspace_id}/subscriptions",
request_method="GET",
)
configurator.add_view(self.workspace_subscriptions,
route_name="workspace_subscriptions")
configurator.add_route(
"accept_subscription",
"/workspaces/{workspace_id}/subscriptions/{user_id}/accept",
request_method="PUT",
)
configurator.add_view(self.accept_subscription,
route_name="accept_subscription")
configurator.add_route(
"reject_subscription",
"/workspaces/{workspace_id}/subscriptions/{user_id}/reject",
request_method="PUT",
)
configurator.add_view(self.reject_subscription,
route_name="reject_subscription")
def test_unit__get_receiver_ids_workspace_subscription_event__reject_subscription(
self,
session: TracimSession,
user_api_factory: UserApiFactory,
subscription_lib_factory: SubscriptionLibFactory,
admin_user: User,
workspace_api_factory: WorkspaceApiFactory,
role_api_factory: RoleApiFactory,
):
user_api = user_api_factory.get()
profile = Profile.USER
subscriber = user_api.create_user(
"*****@*****.**",
password="******",
do_save=True,
do_notify=False,
profile=profile,
)
workspace_content_manager = user_api.create_user(
"*****@*****.**",
password="******",
do_save=True,
do_notify=False,
profile=profile,
)
workspace_manager = user_api.create_user(
"*****@*****.**",
password="******",
do_save=True,
do_notify=False,
profile=profile,
)
other_user = user_api.create_user(
"*****@*****.**",
password="******",
do_save=True,
do_notify=False,
profile=profile,
)
workspace_api = workspace_api_factory.get(current_user=admin_user)
my_workspace = workspace_api.create_workspace(
"test workspace", save_now=True, access_type=WorkspaceAccessType.ON_REQUEST
)
workspace_in_context = workspace_api.get_workspace_with_context(my_workspace)
subscription_lib = subscription_lib_factory.get(current_user=subscriber)
rapi = role_api_factory.get(current_user=subscriber)
rapi.create_one(
workspace_content_manager, my_workspace, UserRoleInWorkspace.CONTENT_MANAGER, False
)
rapi.create_one(
workspace_manager, my_workspace, UserRoleInWorkspace.WORKSPACE_MANAGER, False
)
subscription = subscription_lib.submit_subscription(my_workspace)
subscription_lib.reject_subscription(subscription)
transaction.commit()
fields = {
Event.AUTHOR_FIELD: UserSchema().dump(user_api.get_user_with_context(admin_user)).data,
Event.WORKSPACE_FIELD: WorkspaceSchema().dump(workspace_in_context).data,
Event.SUBSCRIPTION_FIELD: WorkspaceSubscriptionSchema().dump(subscription).data,
}
event = Event(
entity_type=EntityType.WORKSPACE_SUBSCRIPTION,
operation=OperationType.MODIFIED,
fields=fields,
)
receivers_ids = FakeLiveMessageBuilder()._get_receiver_ids(event, session)
assert subscriber.user_id in receivers_ids
assert workspace_manager.user_id in receivers_ids
assert admin_user.user_id in receivers_ids
assert workspace_content_manager.user_id not in receivers_ids
assert other_user.user_id not in receivers_ids
class UserController(Controller):
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_CONTENT_ENDPOINTS])
@check_right(has_personal_access)
@hapic.input_path(UserIdPathSchema())
@hapic.input_query(UserWorkspaceFilterQuerySchema())
@hapic.output_body(WorkspaceSchema(many=True))
def user_workspace(self, context, request: TracimRequest, hapic_data=None):
"""
Get list of user workspaces
"""
app_config = request.registry.settings["CFG"] # type: CFG
wapi = WorkspaceApi(
current_user=request.candidate_user, # User
session=request.dbsession,
config=app_config,
)
workspaces = wapi.get_all_for_user(
request.candidate_user,
include_owned=hapic_data.query.show_owned_workspace,
include_with_role=hapic_data.query.show_workspace_with_role,
parents_ids=hapic_data.query.parent_ids,
)
return [wapi.get_workspace_with_context(workspace) for workspace in workspaces]
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_CONTENT_ENDPOINTS])
@hapic.handle_exception(WorkspaceNotFound, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(RoleAlreadyExistError, HTTPStatus.BAD_REQUEST)
@check_right(has_personal_access)
@hapic.input_path(UserIdPathSchema())
@hapic.input_body(WorkspaceIdSchema())
@hapic.output_body(WorkspaceSchema())
def join_workspace(self, context, request: TracimRequest, hapic_data=None):
"""
Join a workspace.
Only possible for OPEN workspaces.
Subscribing to a ON_REQUEST workspace is done through /api/users/<user_id>/workspace_subscriptions.
"""
app_config = request.registry.settings["CFG"] # type: CFG
wapi = WorkspaceApi(
current_user=request.candidate_user, # User
session=request.dbsession,
config=app_config,
)
workspace = wapi.add_current_user_as_member(workspace_id=hapic_data.body["workspace_id"])
return wapi.get_workspace_with_context(workspace)
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_ENDPOINTS])
@check_right(has_personal_access)
@hapic.input_path(UserIdPathSchema())
@hapic.output_body(UserSchema())
def user(self, context, request: TracimRequest, hapic_data=None):
"""
Get user infos.
"""
app_config = request.registry.settings["CFG"] # type: CFG
uapi = UserApi(
current_user=request.current_user, session=request.dbsession, config=app_config # User
)
return uapi.get_user_with_context(request.candidate_user)
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_ENDPOINTS])
@check_right(has_personal_access)
@hapic.input_path(UserIdPathSchema())
@hapic.output_body(UserDiskSpaceSchema())
def user_disk_space(self, context, request: TracimRequest, hapic_data=None):
"""
Get user space infos.
"""
app_config = request.registry.settings["CFG"] # type: CFG
uapi = UserApi(
current_user=request.current_user, session=request.dbsession, config=app_config # User
)
return uapi.get_user_with_context(request.candidate_user)
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_ENDPOINTS])
@check_right(is_administrator)
@hapic.output_body(UserDigestSchema(many=True))
def users(self, context, request: TracimRequest, hapic_data=None):
"""
Get all users
"""
app_config = request.registry.settings["CFG"] # type: CFG
uapi = UserApi(
current_user=request.current_user, session=request.dbsession, config=app_config # User
)
users = uapi.get_all()
context_users = [uapi.get_user_with_context(user) for user in users]
return context_users
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_ENDPOINTS])
@check_right(has_personal_access)
@hapic.input_path(UserIdPathSchema())
@hapic.input_query(KnownMembersQuerySchema())
@hapic.output_body(UserDigestSchema(many=True))
@hapic.handle_exception(CannotUseBothIncludeAndExcludeWorkspaceUsers, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(TooShortAutocompleteString, HTTPStatus.BAD_REQUEST)
def known_members(self, context, request: TracimRequest, hapic_data=None):
"""
Get known users list
"""
app_config = request.registry.settings["CFG"] # type: CFG
uapi = UserApi(
current_user=request.candidate_user, # User
session=request.dbsession,
config=app_config,
show_deactivated=False,
)
users = uapi.get_known_users(
acp=hapic_data.query.acp,
exclude_user_ids=hapic_data.query.exclude_user_ids,
exclude_workspace_ids=hapic_data.query.exclude_workspace_ids,
include_workspace_ids=hapic_data.query.include_workspace_ids,
limit=hapic_data.query.limit,
filter_results=app_config.KNOWN_MEMBERS__FILTER,
)
context_users = [uapi.get_user_with_context(user) for user in users]
return context_users
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_ENDPOINTS])
@hapic.handle_exception(WrongUserPassword, HTTPStatus.FORBIDDEN)
@hapic.handle_exception(EmailAlreadyExists, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(ExternalAuthUserEmailModificationDisallowed, HTTPStatus.BAD_REQUEST)
@check_right(has_personal_access)
@hapic.input_body(SetEmailSchema())
@hapic.input_path(UserIdPathSchema())
@hapic.output_body(UserSchema())
def set_user_email(self, context, request: TracimRequest, hapic_data=None):
"""
Set user Email
"""
app_config = request.registry.settings["CFG"] # type: CFG
uapi = UserApi(
current_user=request.current_user, session=request.dbsession, config=app_config # User
)
user = uapi.set_email(
request.candidate_user,
hapic_data.body.loggedin_user_password,
hapic_data.body.email,
do_save=True,
)
return uapi.get_user_with_context(user)
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_ENDPOINTS])
@hapic.handle_exception(WrongUserPassword, HTTPStatus.FORBIDDEN)
@hapic.handle_exception(UsernameAlreadyExists, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(ReservedUsernameError, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(TracimValidationFailed, HTTPStatus.BAD_REQUEST)
@check_right(has_personal_access)
@hapic.input_body(SetUsernameSchema())
@hapic.input_path(UserIdPathSchema())
@hapic.output_body(UserSchema())
def set_user_username(self, context, request: TracimRequest, hapic_data=None):
"""
Set user username
"""
app_config = request.registry.settings["CFG"] # type: CFG
uapi = UserApi(
current_user=request.current_user, session=request.dbsession, config=app_config # User
)
user = uapi.set_username(
request.candidate_user,
hapic_data.body.loggedin_user_password,
hapic_data.body.username,
do_save=True,
)
return uapi.get_user_with_context(user)
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_ENDPOINTS])
@hapic.handle_exception(WrongUserPassword, HTTPStatus.FORBIDDEN)
@hapic.handle_exception(PasswordDoNotMatch, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(ExternalAuthUserPasswordModificationDisallowed, HTTPStatus.BAD_REQUEST)
@check_right(has_personal_access)
@hapic.input_body(SetPasswordSchema())
@hapic.input_path(UserIdPathSchema())
@hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.NO_CONTENT)
def set_user_password(self, context, request: TracimRequest, hapic_data=None):
"""
Set user password
"""
app_config = request.registry.settings["CFG"] # type: CFG
uapi = UserApi(
current_user=request.current_user, session=request.dbsession, config=app_config # User
)
uapi.set_password(
request.candidate_user,
hapic_data.body.loggedin_user_password,
hapic_data.body.new_password,
hapic_data.body.new_password2,
do_save=True,
)
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_ENDPOINTS])
@check_right(has_personal_access)
@hapic.input_body(SetUserInfoSchema())
@hapic.input_path(UserIdPathSchema())
@hapic.output_body(UserSchema())
def set_user_infos(self, context, request: TracimRequest, hapic_data=None):
"""
Set user info data
"""
app_config = request.registry.settings["CFG"] # type: CFG
uapi = UserApi(
current_user=request.current_user, session=request.dbsession, config=app_config # User
)
user = uapi.update(
request.candidate_user,
auth_type=request.candidate_user.auth_type,
name=hapic_data.body.public_name,
timezone=hapic_data.body.timezone,
lang=hapic_data.body.lang,
do_save=True,
)
uapi.execute_updated_user_actions(user)
return uapi.get_user_with_context(user)
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_ENDPOINTS])
@hapic.handle_exception(EmailAlreadyExists, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(UsernameAlreadyExists, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(ReservedUsernameError, HTTPStatus.BAD_REQUEST)
@hapic.handle_exception(TracimValidationFailed, HTTPStatus.BAD_REQUEST)
@check_right(is_administrator)
@hapic.input_body(UserCreationSchema())
@hapic.output_body(UserSchema())
def create_user(self, context, request: TracimRequest, hapic_data=None):
"""
Create new user. Note: One of username or email required.
"""
app_config = request.registry.settings["CFG"] # type: CFG
uapi = UserApi(
current_user=request.current_user, session=request.dbsession, config=app_config # User
)
if hapic_data.body.profile:
profile = Profile.get_profile_from_slug(hapic_data.body.profile)
else:
profile = None
password = hapic_data.body.password
if not password and hapic_data.body.email_notification:
password = password_generator()
user = uapi.create_user(
auth_type=AuthType.UNKNOWN,
email=hapic_data.body.email,
password=password,
timezone=hapic_data.body.timezone,
lang=hapic_data.body.lang,
name=hapic_data.body.public_name,
username=hapic_data.body.username,
do_notify=hapic_data.body.email_notification,
allowed_space=hapic_data.body.allowed_space,
profile=profile,
do_save=True,
)
uapi.execute_created_user_actions(user)
return uapi.get_user_with_context(user)
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_ENABLE_AND_DISABLE_ENDPOINTS])
@check_right(is_administrator)
@hapic.input_path(UserIdPathSchema())
@hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.NO_CONTENT)
def enable_user(self, context, request: TracimRequest, hapic_data=None):
"""
enable user
"""
app_config = request.registry.settings["CFG"] # type: CFG
uapi = UserApi(
current_user=request.current_user, session=request.dbsession, config=app_config # User
)
uapi.enable(user=request.candidate_user, do_save=True)
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_TRASH_AND_RESTORE_ENDPOINTS])
@hapic.handle_exception(UserCantDeleteHimself, HTTPStatus.BAD_REQUEST)
@check_right(is_administrator)
@hapic.input_path(UserIdPathSchema())
@hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.NO_CONTENT)
def delete_user(self, context, request: TracimRequest, hapic_data=None):
"""
delete user
"""
app_config = request.registry.settings["CFG"] # type: CFG
uapi = UserApi(
current_user=request.current_user, session=request.dbsession, config=app_config # User
)
uapi.delete(user=request.candidate_user, do_save=True)
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_TRASH_AND_RESTORE_ENDPOINTS])
@check_right(is_administrator)
@hapic.input_path(UserIdPathSchema())
@hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.NO_CONTENT)
def undelete_user(self, context, request: TracimRequest, hapic_data=None):
"""
undelete user
"""
app_config = request.registry.settings["CFG"] # type: CFG
uapi = UserApi(
current_user=request.current_user, # User
session=request.dbsession,
config=app_config,
show_deleted=True,
)
uapi.undelete(user=request.candidate_user, do_save=True)
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_ENABLE_AND_DISABLE_ENDPOINTS])
@hapic.handle_exception(UserCantDisableHimself, HTTPStatus.BAD_REQUEST)
@check_right(is_administrator)
@hapic.input_path(UserIdPathSchema())
@hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.NO_CONTENT)
def disable_user(self, context, request: TracimRequest, hapic_data=None):
"""
disable user
"""
app_config = request.registry.settings["CFG"] # type: CFG
uapi = UserApi(
current_user=request.current_user, session=request.dbsession, config=app_config # User
)
uapi.disable(user=request.candidate_user, do_save=True)
return
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_ENDPOINTS])
@hapic.handle_exception(UserCantChangeIsOwnProfile, HTTPStatus.BAD_REQUEST)
@check_right(is_administrator)
@hapic.input_path(UserIdPathSchema())
@hapic.input_body(SetUserProfileSchema())
@hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.NO_CONTENT)
def set_profile(self, context, request: TracimRequest, hapic_data=None):
"""
set user profile
"""
app_config = request.registry.settings["CFG"] # type: CFG
uapi = UserApi(
current_user=request.current_user, session=request.dbsession, config=app_config # User
)
profile = Profile.get_profile_from_slug(hapic_data.body.profile)
uapi.update(
user=request.candidate_user,
auth_type=request.candidate_user.auth_type,
profile=profile,
do_save=True,
)
return
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_ENDPOINTS])
@check_right(is_administrator)
@hapic.input_path(UserIdPathSchema())
@hapic.input_body(SetUserAllowedSpaceSchema())
@hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.NO_CONTENT)
def set_allowed_space(self, context, request: TracimRequest, hapic_data=None):
"""
set user allowed_space
"""
app_config = request.registry.settings["CFG"] # type: CFG
uapi = UserApi(
current_user=request.current_user, session=request.dbsession, config=app_config # User
)
uapi.update(
user=request.candidate_user,
auth_type=request.candidate_user.auth_type,
allowed_space=hapic_data.body.allowed_space,
do_save=True,
)
return
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_CONTENT_ENDPOINTS])
@check_right(has_personal_access)
@hapic.input_path(UserWorkspaceIdPathSchema())
@hapic.input_query(ActiveContentFilterQuerySchema())
@hapic.output_body(ContentDigestSchema(many=True))
def last_active_content(self, context, request: TracimRequest, hapic_data=None):
"""
Get last_active_content for user
"""
app_config = request.registry.settings["CFG"] # type: CFG
content_filter = hapic_data.query
api = ContentApi(
current_user=request.candidate_user, # User
session=request.dbsession,
config=app_config,
)
wapi = WorkspaceApi(
current_user=request.candidate_user, # User
session=request.dbsession,
config=app_config,
)
workspace = None
if hapic_data.path.workspace_id:
workspace = wapi.get_one(hapic_data.path.workspace_id)
before_content = None
if content_filter.before_content_id:
before_content = api.get_one(
content_id=content_filter.before_content_id,
workspace=workspace,
content_type=content_type_list.Any_SLUG,
)
last_actives = api.get_last_active(
workspace=workspace, limit=content_filter.limit or None, before_content=before_content
)
return [api.get_content_in_context(content) for content in last_actives]
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_CONTENT_ENDPOINTS])
@check_right(has_personal_access)
@hapic.input_path(UserWorkspaceIdPathSchema())
@hapic.input_query(ContentIdsQuerySchema())
@hapic.output_body(ReadStatusSchema(many=True))
def contents_read_status(self, context, request: TracimRequest, hapic_data=None):
"""
get user_read status of contents
"""
app_config = request.registry.settings["CFG"] # type: CFG
api = ContentApi(
current_user=request.candidate_user, # User
session=request.dbsession,
config=app_config,
)
wapi = WorkspaceApi(
current_user=request.candidate_user, # User
session=request.dbsession,
config=app_config,
)
workspace = None
if hapic_data.path.workspace_id:
workspace = wapi.get_one(hapic_data.path.workspace_id)
last_actives = api.get_last_active(
workspace=workspace,
limit=None,
before_content=None,
content_ids=hapic_data.query.content_ids or None,
)
return [api.get_content_in_context(content) for content in last_actives]
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_CONTENT_ENDPOINTS])
@check_right(has_personal_access)
@hapic.input_path(UserWorkspaceAndContentIdPathSchema())
@hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.NO_CONTENT)
def set_content_as_read(self, context, request: TracimRequest, hapic_data=None):
"""
set user_read status of content to read
"""
app_config = request.registry.settings["CFG"] # type: CFG
api = ContentApi(
show_archived=True,
show_deleted=True,
current_user=request.candidate_user,
session=request.dbsession,
config=app_config,
)
api.mark_read(request.current_content, do_flush=True)
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_CONTENT_ENDPOINTS])
@check_right(has_personal_access)
@hapic.input_path(UserWorkspaceAndContentIdPathSchema())
@hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.NO_CONTENT)
def set_content_as_unread(self, context, request: TracimRequest, hapic_data=None):
"""
set user_read status of content to unread
"""
app_config = request.registry.settings["CFG"] # type: CFG
api = ContentApi(
show_archived=True,
show_deleted=True,
current_user=request.candidate_user,
session=request.dbsession,
config=app_config,
)
api.mark_unread(request.current_content, do_flush=True)
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_CONTENT_ENDPOINTS])
@check_right(has_personal_access)
@hapic.input_path(UserWorkspaceIdPathSchema())
@hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.NO_CONTENT)
def set_workspace_as_read(self, context, request: TracimRequest, hapic_data=None):
"""
set user_read status of all content of workspace to read
"""
app_config = request.registry.settings["CFG"] # type: CFG
api = ContentApi(
show_archived=True,
show_deleted=True,
current_user=request.candidate_user,
session=request.dbsession,
config=app_config,
)
api.mark_read__workspace(request.current_workspace)
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_NOTIFICATION_ENDPOINTS])
@check_right(has_personal_access)
@hapic.input_path(UserWorkspaceIdPathSchema())
@hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.NO_CONTENT)
def enable_workspace_notification(self, context, request: TracimRequest, hapic_data=None):
"""
enable workspace notification
"""
app_config = request.registry.settings["CFG"] # type: CFG
wapi = WorkspaceApi(
current_user=request.candidate_user, # User
session=request.dbsession,
config=app_config,
)
workspace = wapi.get_one(hapic_data.path.workspace_id)
wapi.enable_notifications(request.candidate_user, workspace)
wapi.save(workspace)
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_NOTIFICATION_ENDPOINTS])
@check_right(has_personal_access)
@hapic.input_path(UserWorkspaceIdPathSchema())
@hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.NO_CONTENT)
def disable_workspace_notification(self, context, request: TracimRequest, hapic_data=None):
"""
disable workspace notification
"""
app_config = request.registry.settings["CFG"] # type: CFG
wapi = WorkspaceApi(
current_user=request.candidate_user, # User
session=request.dbsession,
config=app_config,
)
workspace = wapi.get_one(hapic_data.path.workspace_id)
wapi.disable_notifications(request.candidate_user, workspace)
wapi.save(workspace)
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_EVENT_ENDPOINTS])
@check_right(has_personal_access)
@hapic.input_path(UserIdPathSchema())
@hapic.input_query(GetLiveMessageQuerySchema())
@hapic.output_body(LiveMessageSchemaPage())
def get_user_messages(
self, context, request: TracimRequest, hapic_data: HapicData
) -> PaginatedObject:
"""
Returns user messages matching the given query
"""
app_config = request.registry.settings["CFG"] # type: CFG
event_api = EventApi(request.current_user, request.dbsession, app_config)
return PaginatedObject(
event_api.get_paginated_messages_for_user(
user_id=request.candidate_user.user_id,
read_status=hapic_data.query.read_status,
page_token=hapic_data.query.page_token,
count=hapic_data.query.count,
exclude_author_ids=hapic_data.query.exclude_author_ids,
include_event_types=hapic_data.query.include_event_types,
exclude_event_types=hapic_data.query.exclude_event_types,
workspace_ids=hapic_data.query.workspace_ids,
include_not_sent=hapic_data.query.include_not_sent,
related_to_content_ids=hapic_data.query.related_to_content_ids,
)
)
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_EVENT_ENDPOINTS])
@check_right(has_personal_access)
@hapic.input_path(UserIdPathSchema())
@hapic.input_query(UserMessagesSummaryQuerySchema())
@hapic.output_body(UserMessagesSummarySchema())
def get_user_messages_summary(
self, context, request: TracimRequest, hapic_data: HapicData
) -> UserMessagesSummary:
"""
Returns a summary about messages filtered
"""
app_config = request.registry.settings["CFG"] # type: CFG
event_api = EventApi(request.current_user, request.dbsession, app_config)
candidate_user = UserApi(
request.current_user, request.dbsession, app_config
).get_user_with_context(request.candidate_user)
unread_messages_count = event_api.get_messages_count(
user_id=candidate_user.user_id,
read_status=ReadStatus.UNREAD,
include_event_types=hapic_data.query.include_event_types,
exclude_event_types=hapic_data.query.exclude_event_types,
exclude_author_ids=hapic_data.query.exclude_author_ids,
include_not_sent=hapic_data.query.include_not_sent,
workspace_ids=hapic_data.query.workspace_ids,
related_to_content_ids=hapic_data.query.related_to_content_ids,
)
read_messages_count = event_api.get_messages_count(
user_id=candidate_user.user_id,
read_status=ReadStatus.READ,
include_event_types=hapic_data.query.include_event_types,
exclude_event_types=hapic_data.query.exclude_event_types,
exclude_author_ids=hapic_data.query.exclude_author_ids,
include_not_sent=hapic_data.query.include_not_sent,
workspace_ids=hapic_data.query.workspace_ids,
related_to_content_ids=hapic_data.query.related_to_content_ids,
)
return UserMessagesSummary(
user=candidate_user,
unread_messages_count=unread_messages_count,
read_messages_count=read_messages_count,
)
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_EVENT_ENDPOINTS])
@check_right(has_personal_access)
@hapic.input_path(UserIdPathSchema())
@hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.NO_CONTENT)
def set_all_user_messages_as_read(
self, context, request: TracimRequest, hapic_data: HapicData
) -> None:
"""
Read all unread message for user
"""
app_config = request.registry.settings["CFG"] # type: CFG
event_api = EventApi(request.current_user, request.dbsession, app_config)
event_api.mark_user_messages_as_read(request.candidate_user.user_id)
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_EVENT_ENDPOINTS])
@hapic.handle_exception(MessageDoesNotExist, http_code=HTTPStatus.BAD_REQUEST)
@check_right(has_personal_access)
@hapic.input_path(MessageIdsPathSchema())
@hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.NO_CONTENT)
def set_message_as_read(self, context, request: TracimRequest, hapic_data: HapicData) -> None:
"""
Read one message
"""
app_config = request.registry.settings["CFG"] # type: CFG
event_api = EventApi(request.current_user, request.dbsession, app_config)
event_api.mark_user_message_as_read(
event_id=hapic_data.path.event_id, user_id=request.candidate_user.user_id
)
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_EVENT_ENDPOINTS])
@hapic.handle_exception(MessageDoesNotExist, http_code=HTTPStatus.BAD_REQUEST)
@check_right(has_personal_access)
@hapic.input_path(MessageIdsPathSchema())
@hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.NO_CONTENT)
def set_message_as_unread(self, context, request: TracimRequest, hapic_data: HapicData) -> None:
"""
unread one message
"""
app_config = request.registry.settings["CFG"] # type: CFG
event_api = EventApi(request.current_user, request.dbsession, app_config)
event_api.mark_user_message_as_unread(
event_id=hapic_data.path.event_id, user_id=request.candidate_user.user_id
)
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_EVENT_ENDPOINTS])
@check_right(has_personal_access)
@hapic.input_path(UserIdPathSchema())
@hapic.input_headers(TracimLiveEventHeaderSchema())
@hapic.input_query(TracimLiveEventQuerySchema())
def open_message_stream(self, context, request: TracimRequest, hapic_data) -> Response:
"""
Open the message stream for the given user.
Tracim Live Message Events as ServerSide Event Stream
"""
stream_opened_event = ":Tracim Live Messages for user {}\n\nevent: stream-open\ndata:\n\n".format(
str(request.candidate_user.user_id)
)
after_event_id = hapic_data.query["after_event_id"] # type: int
if after_event_id:
app_config = request.registry.settings["CFG"] # type: CFG
event_api = EventApi(request.current_user, request.dbsession, app_config)
messages = event_api.get_messages_for_user(
request.candidate_user.user_id, after_event_id=after_event_id
) # type: typing.List[Message]
stream_opened_event += "".join(
[
"data:" + json.dumps(LiveMessagesLib.message_as_dict(message)) + "\n\n"
for message in messages
]
)
escaped_keepalive_event = "event: keep-alive\\ndata:\\n\\n"
user_channel_name = LiveMessagesLib.user_grip_channel(request.candidate_user.user_id)
headers = [
# Here we ask push pin to keep the connection open
("Grip-Hold", "stream"),
# and register this connection on the given channel
# multiple channels subscription is possible
("Grip-Channel", user_channel_name),
("Grip-Keep-Alive", "{}; format=cstring; timeout=30".format(escaped_keepalive_event)),
# content type for SSE
("Content-Type", "text/event-stream"),
# do not cache the events
("Cache-Control", "no-cache"),
]
return Response(
headerlist=headers, charset="utf-8", status_code=200, body=stream_opened_event
)
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_CONFIG_ENDPOINTS])
@check_right(has_personal_access)
@hapic.input_path(UserIdPathSchema())
@hapic.output_body(UserConfigSchema())
def get_user_config(
self, context, request: TracimRequest, hapic_data: HapicData
) -> typing.Dict:
"""
get all the configuration parameters for the given user
"""
config_api = UserConfigApi(current_user=request.candidate_user, session=request.dbsession)
return {"parameters": config_api.get_all_params()}
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_CONFIG_ENDPOINTS])
@check_right(has_personal_access)
@hapic.input_path(UserIdPathSchema())
@hapic.input_body(SetConfigSchema())
@hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.NO_CONTENT)
def set_user_config(self, context, request: TracimRequest, hapic_data: HapicData) -> None:
"""
Set or update the given configuration parameters for the given user
The behavior of this endpoint is adding/updating key (patch-like) but not replacing the
whole configuration, so it's not possible to remove keys through this endpoint.
"""
config_api = UserConfigApi(current_user=request.candidate_user, session=request.dbsession)
config_api.set_params(params=hapic_data.body["parameters"])
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_CONFIG_ENDPOINTS])
@check_right(has_personal_access)
@hapic.input_path(UserIdPathSchema())
@hapic.output_body(WorkspaceSchema(many=True))
def get_accessible_workspaces(
self, context, request: TracimRequest, hapic_data: HapicData
) -> typing.List[WorkspaceInContext]:
"""
Return the list of accessible workspaces by the given user id.
An accessible workspace is:
- a workspace the user is not member of (`workspaces` API returns them)
- has an OPEN or ON_REQUEST access type
"""
app_config = request.registry.settings["CFG"] # type: CFG
wapi = WorkspaceApi(
current_user=request.candidate_user, session=request.dbsession, config=app_config,
)
workspaces = wapi.get_all_accessible_by_user(request.candidate_user)
return [wapi.get_workspace_with_context(workspace) for workspace in workspaces]
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_SUBSCRIPTIONS_ENDPOINTS])
@check_right(has_personal_access)
@hapic.input_path(UserIdPathSchema())
@hapic.output_body(WorkspaceSubscriptionSchema(many=True))
def user_subscriptions(
self, context, request: TracimRequest, hapic_data: HapicData
) -> typing.List[WorkspaceSubscription]:
subscription_lib = SubscriptionLib(
current_user=request.current_user, session=request.dbsession, config=request.app_config,
)
return subscription_lib.get_user_subscription(request.candidate_user.user_id)
@hapic.with_api_doc(tags=[SWAGGER_TAG__USER_SUBSCRIPTIONS_ENDPOINTS])
@check_right(has_personal_access)
@hapic.handle_exception(InvalidWorkspaceAccessType, HTTPStatus.BAD_REQUEST)
@hapic.input_path(UserIdPathSchema())
@hapic.input_body(WorkspaceIdSchema())
@hapic.output_body(WorkspaceSubscriptionSchema())
def submit_subscription(
self, context, request: TracimRequest, hapic_data: HapicData
) -> typing.List[WorkspaceSubscription]:
workspace = WorkspaceApi(
current_user=None, session=request.dbsession, config=request.app_config
).get_one(hapic_data.body["workspace_id"])
subscription_lib = SubscriptionLib(
current_user=request.current_user, session=request.dbsession, config=request.app_config,
)
return subscription_lib.submit_subscription(workspace=workspace)
def bind(self, configurator: Configurator) -> None:
"""
Create all routes and views using pyramid configurator
for this controller
"""
# user workspace
configurator.add_route(
"get_user_workspace",
"/users/{user_id:\d+}/workspaces",
request_method="GET", # noqa: W605
)
configurator.add_view(self.user_workspace, route_name="get_user_workspace")
configurator.add_route(
"post_user_workspace",
"/users/{user_id:\d+}/workspaces",
request_method="POST", # noqa: W605
)
configurator.add_view(self.join_workspace, route_name="post_user_workspace")
# user info
configurator.add_route("user", "/users/{user_id:\d+}", request_method="GET") # noqa: W605
configurator.add_view(self.user, route_name="user")
# user space info
configurator.add_route(
"user_disk_space", "/users/{user_id:\d+}/disk_space", request_method="GET"
) # noqa: W605
configurator.add_view(self.user_disk_space, route_name="user_disk_space")
# users lists
configurator.add_route("users", "/users", request_method="GET")
configurator.add_view(self.users, route_name="users")
# known members lists
configurator.add_route(
"known_members",
"/users/{user_id:\d+}/known_members",
request_method="GET", # noqa: W605
)
configurator.add_view(self.known_members, route_name="known_members")
# set user email
configurator.add_route(
"set_user_email", "/users/{user_id:\d+}/email", request_method="PUT"
) # noqa: W605
configurator.add_view(self.set_user_email, route_name="set_user_email")
# set user username
configurator.add_route(
"set_user_username", "/users/{user_id:\d+}/username", request_method="PUT"
) # noqa: W605
configurator.add_view(self.set_user_username, route_name="set_user_username")
# set user password
configurator.add_route(
"set_user_password", "/users/{user_id:\d+}/password", request_method="PUT" # noqa: W605
)
configurator.add_view(self.set_user_password, route_name="set_user_password")
# set user_info
configurator.add_route(
"set_user_info", "/users/{user_id:\d+}", request_method="PUT"
) # noqa: W605
configurator.add_view(self.set_user_infos, route_name="set_user_info")
# create user
configurator.add_route("create_user", "/users", request_method="POST")
configurator.add_view(self.create_user, route_name="create_user")
# enable user
configurator.add_route(
"enable_user", "/users/{user_id:\d+}/enabled", request_method="PUT"
) # noqa: W605
configurator.add_view(self.enable_user, route_name="enable_user")
# disable user
configurator.add_route(
"disable_user", "/users/{user_id:\d+}/disabled", request_method="PUT" # noqa: W605
)
configurator.add_view(self.disable_user, route_name="disable_user")
# delete user
configurator.add_route(
"delete_user", "/users/{user_id:\d+}/trashed", request_method="PUT"
) # noqa: W605
configurator.add_view(self.delete_user, route_name="delete_user")
# undelete user
configurator.add_route(
"undelete_user",
"/users/{user_id:\d+}/trashed/restore",
request_method="PUT", # noqa: W605
)
configurator.add_view(self.undelete_user, route_name="undelete_user")
# set user profile
configurator.add_route(
"set_user_profile", "/users/{user_id:\d+}/profile", request_method="PUT" # noqa: W605
)
configurator.add_view(self.set_profile, route_name="set_user_profile")
# set user allowed_space
configurator.add_route(
"set_user_allowed_space",
"/users/{user_id:\d+}/allowed_space",
request_method="PUT", # noqa: W605
)
configurator.add_view(self.set_allowed_space, route_name="set_user_allowed_space")
# user content
configurator.add_route(
"contents_read_status",
"/users/{user_id:\d+}/workspaces/{workspace_id}/contents/read_status", # noqa: W605
request_method="GET",
)
configurator.add_view(self.contents_read_status, route_name="contents_read_status")
# last active content for user
configurator.add_route(
"last_active_content",
"/users/{user_id:\d+}/workspaces/{workspace_id}/contents/recently_active", # noqa: W605
request_method="GET",
)
configurator.add_view(self.last_active_content, route_name="last_active_content")
# set content as read/unread
configurator.add_route(
"read_content",
"/users/{user_id:\d+}/workspaces/{workspace_id}/contents/{content_id}/read", # noqa: W605
request_method="PUT",
)
configurator.add_view(self.set_content_as_read, route_name="read_content")
configurator.add_route(
"unread_content",
"/users/{user_id:\d+}/workspaces/{workspace_id}/contents/{content_id}/unread", # noqa: W605
request_method="PUT",
)
configurator.add_view(self.set_content_as_unread, route_name="unread_content")
# set workspace as read
configurator.add_route(
"read_workspace",
"/users/{user_id:\d+}/workspaces/{workspace_id}/read", # noqa: W605
request_method="PUT",
)
configurator.add_view(self.set_workspace_as_read, route_name="read_workspace")
# enable workspace notification
configurator.add_route(
"enable_workspace_notification",
"/users/{user_id:\d+}/workspaces/{workspace_id}/notifications/activate", # noqa: W605
request_method="PUT",
)
configurator.add_view(
self.enable_workspace_notification, route_name="enable_workspace_notification"
)
# enable workspace notification
configurator.add_route(
"disable_workspace_notification",
"/users/{user_id:\d+}/workspaces/{workspace_id}/notifications/deactivate", # noqa: W605
request_method="PUT",
)
configurator.add_view(
self.disable_workspace_notification, route_name="disable_workspace_notification"
)
# TracimLiveMessages notification
configurator.add_route(
"live_messages",
"/users/{user_id:\d+}/live_messages", # noqa: W605
request_method="GET",
)
configurator.add_view(self.open_message_stream, route_name="live_messages")
# Tracim user messages
configurator.add_route(
"messages", "/users/{user_id:\d+}/messages", request_method="GET", # noqa: W605
)
configurator.add_view(self.get_user_messages, route_name="messages")
configurator.add_route(
"messages_summary",
"/users/{user_id:\d+}/messages/summary",
request_method="GET", # noqa: W605
)
configurator.add_view(self.get_user_messages_summary, route_name="messages_summary")
# read all unread messages for user
configurator.add_route(
"read_messages",
"/users/{user_id:\d+}/messages/read",
request_method="PUT", # noqa: W605
)
configurator.add_view(self.set_all_user_messages_as_read, route_name="read_messages")
# read all unread messages for user
configurator.add_route(
"read_message",
"/users/{user_id:\d+}/messages/{event_id:\d+}/read",
request_method="PUT", # noqa: W605
)
configurator.add_view(self.set_message_as_read, route_name="read_message")
# read all unread messages for user
configurator.add_route(
"unread_message",
"/users/{user_id:\d+}/messages/{event_id:\d+}/unread",
request_method="PUT", # noqa: W605
)
configurator.add_view(self.set_message_as_unread, route_name="unread_message")
# User configuration
configurator.add_route(
"config_get", "/users/{user_id:\d+}/config", request_method="GET", # noqa: W605
)
configurator.add_view(self.get_user_config, route_name="config_get")
configurator.add_route(
"config_post", "/users/{user_id:\d+}/config", request_method="PUT", # noqa: W605
)
configurator.add_view(self.set_user_config, route_name="config_post")
# User accessible workspaces (not member of, but can see information about them to subscribe)
configurator.add_route(
"get_accessible_workspaces",
"/users/{user_id:\d+}/accessible_workspaces",
request_method="GET", # noqa: W605
)
configurator.add_view(
self.get_accessible_workspaces, route_name="get_accessible_workspaces"
)
# User subscriptions
configurator.add_route(
"subscriptions_get",
"/users/{user_id:\d+}/workspace_subscriptions",
request_method="GET", # noqa: W605
)
configurator.add_view(self.user_subscriptions, route_name="subscriptions_get")
configurator.add_route(
"subscriptions_put",
"/users/{user_id:\d+}/workspace_subscriptions",
request_method="PUT", # noqa: W605
)
configurator.add_view(self.submit_subscription, route_name="subscriptions_put")
